The SEC's Office of Compliance Inspections and Examinations (OCIE) issued a risk alert outlining observations related to the cybersecurity practices observed during the course of its examinations. The examinations focused on the written policies and procedures regarding cybersecurity at 75 firms, while also seeking a better understanding of how firms managed cybersecurity preparedness. Although it acknowledged firms' cybersecurity preparedness had improved since 2014, OCIE noted several areas for potential improvement. Specifically, it suggested that broker-dealers and firms could do better at ensuring all required system patches are updated and installed on a timely basis, maintaining incident response plans to be followed in the event of a breach and formalizing supervisory procedures related to transfers to third-party accounts. Link To Article
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.