Publications
New SEC Cybersecurity Guidance
June/July 2015
Cybersecurity continues to be a priority for the Securities and Exchange Commission (SEC). The SEC’s Office of Compliance Inspections and Examinations conducted a cybersecurity “sweep” examination in 2014 and released a summary of its results in early 2015. The SEC’s Division of Investment Management — which regulates investment companies and investment advisers — has now issued additional cybersecurity guidance in the form of a Guidance Update, which provides more detail on what reasonable security measures are than the SEC has previously offered, and it expressly confirms that mishandling cyber risks can result in violations of the securities laws by investment companies and investment advisers. In this article, SRZ partners Marc E. Elovitz and Holly H. Weiss, former SRZ partners Robert R. Kiesel and Brian T. Daly and former SRZ attorney Michael L. Yaeger provide an overview of the Guidance Update.