Main Menu

SEC to Start Conducting Additional Cybersecurity Exams


Cybersecurity, technology, cyberattack, data breachDue to recent cybersecurity breaches and continuing cybersecurity threats against financial services firms, the SEC's Office of Compliance Inspections and Examinations (OCIE) will soon begin its second round of cybersecurity exams. The OCIE will be closely examining the policies and procedures broker-dealers and investment advisers have in place to protect private information and keep hackers away.

On September 15, the OCIE issued a risk alert to provide additional information on the focus areas for these exams. Broker-dealer and investment adviser firms should ensure they are addressing cybersecurity measures in the following areas:

  • Governance and risk assessment
  • Access rights and controls
  • Data loss prevention
  • Vendor management
  • Training
  • Incident response

To help firms assess their cybersecurity preparedness, the OCIE included a sample document request in the risk alert's appendix.

While cybersecurity can be a daunting challenge, we have a number of educational resources and qualified professionals to help you address your cybersecurity risk and firm exposure.

Cybersecurity Resources

Gray_LincolnTony Munns, FBCS, CITP, CIRM, CISATo discuss your firm’s IT, cybersecurity and cyber insurance needs, contact:

Lincoln Gray, Partner, Broker-Dealer and Investment Advisory Services | or 314.983.1235

Tony Munns, Partner, Advisory Services or 314.983.1297


Back to Page