Digital4nx Group, Ltd.

  • About Us
    • Who We Serve
    • Close
  • Digital Litigation Support Services
    • Digital Forensic Investigations
    • Electronic Discovery Hosting, Consulting, and Advisory
    • Early Case Assessment
    • Expert Witness Testimony
    • Close
  • Cyber Security Services
    • Advanced Ethical Hacking
    • Vulnerability Assessment
    • Post-Breach Incident Response
    • Cyber Awareness Training
    • Cyber Risk and Compliance Assessment
    • CISO-As-A-Service
    • Close
  • News and Case Studies
  • Events
  • Contact Us
    • Subscribe to Newsletter
    • Close
You are here: Home / Press Release / CYBER UPDATE : Registered Investment Advisers and Broker-Dealers SEC says It’s Your Turn to Pay Attention to Cyber Security

CYBER UPDATE : Registered Investment Advisers and Broker-Dealers SEC says It’s Your Turn to Pay Attention to Cyber Security

May 19, 2015 by Rob Kleeger

The Division of Investment Management (IM) of the Securities & Exchange Commission (SEC) has weighed in on Cyber Security of registered investment companies (“funds”) and registered investment advisers (“advisers”) as an important issue because both funds and advisers increasingly use technology to conduct their business activities, and need to protect confidential and sensitive information related to these activities from third parties. That information includes information concerning fund investors and advisory clients.

The IM recommends a number of measures that funds and advisers may wish to consider in addressing Cyber Security risk, including:

Conduct a periodic assessment of:
– the nature, sensitivity and location of information that the firm collects, processes and/or stores, and the technology systems it uses;
– internal and external Cyber Security threats to and vulnerabilities of the firm’s information and technology systems;
– security controls and processes currently in place; and
– the impact should the information or technology systems become compromised; and the effectiveness of the governance structure for the management of Cyber Security risk.
– Create a strategy that is designed to prevent, detect and respond to Cyber Security threats, such a strategy could include:

– controlling access to:
§ various systems and data via management of user credentials;
§ authentication and authorization methods;
§ firewalls and/or perimeter defenses;
§ sensitive information and network resources;
§ network segregation;
§ system hardening; and
§ data encryption.
– protecting against the loss or exfiltration of sensitive data by:
– restricting the use of removable storage media; and
– deploying software that monitors technology systems for:
§ unauthorized intrusions;
§ loss or exfiltration of sensitive data; or
§ other unusual events.
– data backup and retrieval; and
– the development of an incident response plan
– routine testing of strategies could also enhance the effectiveness of any strategy.
· Implement the strategy through:
– written policies and procedures; and
– training that:
§ provides guidance to officers and employees concerning applicable threats and measures to prevent, detect and respond to such threats; and
§ monitors compliance with Cyber Security policies and procedures.

Filed Under: Press Release Tagged With: ADVISERS, CYBER UPDATE, CYBERSECURITY, RIA, SEC

Case Studies

  • When The Hack of a Business Partner is Just as Bad as the Compromise of Your Own Systems.
  • The Threat From Within – Theft of IP
  • Digital4nx Group recognized and honored by Enterprise Security
  • Digital4nx Group Case Study: “Holy SH IT Co: Former IT Exec Cited For Anti-Forensic Program Use”
  • Digital4nx Group Case Study: “Sealed with a KISS”

Categories

  • Announcement
  • Article
  • Case Studies
  • Educational
  • Events
  • Press Release
  • Seminar
  • Webinar

Twitter feed is not available at the moment.

Digital Litigation Support Service

  • DLSS – Digital Litigation Support Services
  • Digital Forensic Investigations
  • Electronic Discovery Hosting, Consulting, and Advisory
  • Early Case Assessment
  • Expert Witness Testimony

Cyber Security Services

  • Cyber Security Services
  • Advanced Ethical Hacking
  • Vulnerability Assessment
  • Post-Breach Incident Response
  • Cyber Awareness Training
  • Cyber Risk and Compliance Assessment
  • CISO-As-A-Service

Case Studies

  • When The Hack of a Business Partner is Just as Bad as the Compromise of Your Own Systems.
  • The Threat From Within – Theft of IP
  • Digital4nx Group recognized and honored by Enterprise Security

Contact Us

Digital4nx Group, Ltd.
8 S. Main St - Unit 70,
Marlboro Township, NJ 07746
info@digital4nxgroup.com
732-786-4062

Subscribe to Newsletter
© 2019 Digital4nx Group, Ltd. | All Rights Reserved. Sitemap · Privacy Policy