Drawbridge’s Post

The SEC's recent amendments to Regulation S-P are shaking up how Registered Investment Advisers (RIAs) handle data breaches. Effective 60 days post-publication, these updates mandate comprehensive incident response programs and swift client notifications within 30 days of detection. For RIAs, this means more than just compliance—it's about bolstering cybersecurity to protect client data and trust. Are you prepared for these changes? Dive into our latest blog to navigate the new landscape and ensure your firm stays ahead: https://lnkd.in/g27Dk4qZ #SEC #Cybersecurity #RIA #DataBreach #Compliance #FinancialAdvisory #InvestmentManagement

Covered Alternative Investment Managers in New York are affected by the implementation of a new rule introduced by the NYCRR. The new ruling includes deadlines for Managers to implement enhanced cybersecurity requirements by 2024 and 2025. Register for our webinar for actionable recommendations for your firm to meet compliance deadlines >> https://hubs.li/Q02DWxS10 Stay on top of #NewYork #cybersecurity requirements with Drawbridge.

Bank and credit union leaders: Stay ahead of the latest industry developments with our 2024 Financial Institutions Advisor. From post-CECL adoption insights to identifying cybersecurity risks, our expert guidance can help position your institution for success in 2024 and beyond. #CECL #FASB #cybersecurity

The Securities and Exchange Commission has outlined guidelines for reporting cybersecurity breaches, making an important distinction for maintaining the integrity of financial markets. Senior Agency Official Erik Gerding emphasized the need to identify what’s truly important when disclosing incidents, avoiding a flood of unnecessary reports. For further insights, explore the full article at the link in the comments. #SECInsights #CybersecurityDisclosure #Cybersecurity

Read our Financial Services Briefing Special Edition by Dr. Anastasia Mallerou which provides an introduction to the Digital Operational Resilience Act #DORA, the new EU cyber security regulatory framework for the financial sector, and the related compliance obligations of financial entities. 🔎 Find out more ✅ Introduction and Scope ✅ Achieving Digital Operational Resilience ✅ What does DORA Mean for Financial Entities? ✅ Workplan for Financial Entities: When and How Should We Act? Read more below #BernitsasLaw #DORA #cybersecurity

Similar to the rules put forth by the New York Department of Financial Services, back in May of this year, the SEC updated its rules regarding cybersecurity incident responses and reporting. 📊 Broker-dealers, investment companies, registered investment advisors, and others are now required to maintain incident response programs. These programs need to detect, respond to, and recover from cyber theft of customers' personal data. Part of this involves notifying individuals that their information may have been accessed by unauthorized persons. From May, companies affected by the rulings have 18 months to 2 years to implement the changes. These are now standard procedures. The reality is that if you have a robust cybersecurity program in place, you’ll likely meet all of these rules as they come into effect. Have you met these rules, or are you ready to? #CyberSecurity #Compliance #SEC #IncidentResponse #DataProtection

🚨 Is your business ready for the new US cyberattack disclosure rules? Our CEO, Israel Mazin, shares vital insights with Dave Gordon from DX Journal on the imperative of robust cybersecurity defenses amid looming legal and reputational risks. These regulations, requiring businesses to report breaches to the U.S. Securities and Exchange Commission within four days, signal a pivotal shift. How will this affect your strategy? Dive into the discussion and uncover key strategies for navigating these waters: https://lnkd.in/gFTGU6Jg  #Cybersecurity #SEC #DataBreach 

NYCRR Part 500 is now effective, introducing certain regulations for Alternative Investment Managers. Read our latest blog to get a list of key dates and deadlines, and who is covered and who is exempt >> https://hubs.li/Q02xzbK00. #Cybersecurity thought leadership for #AlternativeInvestmentManagers by Drawbridge.

With considerable changes to the marketing rules, cybersecurity rules, and private fund adviser rules, it's imperative you're fully caught up. The Private Fund Compliance Regulatory Forum will drill down into these changes while giving you access to the people responsible for implementing them. Check out the full agenda to see what's being covered: https://lnkd.in/erkVGERG #PFC24 #privatefunds #compliance #regulations #regulatorycompliance #cybersecurity #privatefundadviserrules #secexam #secenforcement #PFCDC #marketingrule Kellie Green

How do you solve a problem like DORA? (Let us know in the comments if you spotted what we did there 😊) DORA places new obligations on financial entities operating in (or supporting other entities in) the EU. The compliance deadline is 17 January 2025. Key areas of focus: 🛡️ DORA aims to bolster resilience in ICT systems for financial entities. 🔍 A significant focus lies on managing third-party risks. Let CRMG guide you through the essentials and join us as we answer your #DORA related queries. #Finance #Financial #Cyber #CyberRisk #Cybersecurity