Visory ’s Post

I ask BD/RIA firms all the time whom you want to want to write the check to for their data breaches. The Pirates? The regulators (fed, state, or both)? What is your clients' data worth and your reputation? Take a look at the latest blog from Visory

SEC Cybersecurity Rules Go Live in Days. Companies Still Aren't Sure What to Expect | ME: That's the SEC in a nutshell today - no one knows what to expect https://buff.ly/3Neqj3X #infosec #cybersecurity #cyberrisk #privacy #SEC

SEC disclosure rule for ‘material’ cybersecurity incidents goes into effect Publicly traded companies are now required to disclose “material” cybersecurity incidents to the U.S. Securities and Exchange Commission, after the new agency rule went into effect Monday. While the SEC’s rule is aimed at providing investors with information on potential risks to replace the inconsistent disclosures of major incidents, the controversial rulemaking has garnered criticism from industry, Republican lawmakers and some cybersecurity experts. The implementation of the rule comes at a time when there are few breach reporting requirements, a fact that largely leaves government and policymakers without basic information on the current landscape. https://hubs.li/Q02dlftf0 #cybersecurity #datasecurity

FINRA has maintained its aggressive, heightened enforcement agenda through an escalation of existing remedies with increased penalties, individual bars and admissions. Cybersecurity has assumed a paramount position within the Commission's agenda driven by the prominence of high-profile cyber policy and procedure issues. Here's a short article to discuss the latest trends and ways to protect financial companies. https://lnkd.in/ejD5dpaT #assessments #FINRA #cybersecurity #cyber #riskassessments

Register for tomorrow’s webinar to discover how covered New York Alternative Investment firms will be affected by a new cybersecurity ruling passed by New York State. The ruling introduced deadlines for implementation by 2024 and 2025. Stay on top of deadline requirements and register now>> https://hubs.li/Q02FTRZp0 Drawbridge can help ensure #compliance with #NewYork #cybersecurity rulings for #AlternativeInvestment firms.

📢The U.S. #SecuritiesandExchangeCommission (SEC), a regulatory body responsible for overseeing securities markets and protecting investors, has recently introduced new rules regarding the disclosure of cybersecurity incidents. 🛡️The new rules by #SEC mandate that companies promptly disclose any #cybersecurity incidents that could have a material impact on their operations or financial condition, and emphasize #prevention. 💡Tools like SOCRadar’s Extended #AttackSurfaceManagement have become essential for companies in this context. The module systematically identifies and maps out all internet-facing #assets, giving companies clarity on potential #vulnerability points and allowing for timely reinforcement before a #cyberattack happens, effectively facilitating prevention. 🔻Discover the essentials of the new cybersecurity rules of SEC in our latest blog post: 🔗https://lnkd.in/dUbC_UR7

The Core of SEC's New Cyber Rules 📈 At the heart of the SEC's new regulations are stringent disclosure requirements. Companies must now provide detailed insights into their cybersecurity risks and incident response strategies. This transparency is a game-changer for investors and stakeholders alike. #transparency

📣 Financial Markets and Fund Partners David Dickstein and Richard Marshall share insights on staying compliant with the SEC's amended Regulation S-P, which introduces stringent cybersecurity protocols for protecting customer information. Key takeaways include new incident response and recovery requirements, expanded scope of protected information, and tighter notification deadlines post-breach. With compliance deadlines approaching — January 3, 2026, for larger entities and June 3, 2026, for smaller ones — Katten's advisory provides a roadmap for navigating these changes. Read more: https://bit.ly/3RMGeJ1 #SEC #Cybersecurity #Compliance #FinancialMarkets

Do you know how impacting a data breach can be on a global business? 🌐 Here's a staggering figure to stew on - the average cost of a data breach in the global business industry is a whopping $3.86 million! 💰 That's right, safeguarding information isn't just about preserving reputation and trust, it's a significant financial concern too. 💼 Let's ensure we take cybersecurity seriously to avoid this substantial hit to the bottom line. ⚠️ #DataBreach #CyberSecurity #GlobalBusiness #InformationSafety #Finance #BusinessCosts

The US Securities and Exchange Commission has adopted amendments to Regulation S-P requiring entities under its remit to provide notice to individuals affected by certain types of data breaches. This adds yet another obligation to the rapidly expanding set of potential notification requirements for financial service providers and presents unique challenges for such entities. When faced with multiple, at times conflicting, standards, it is crucial for companies to analyze and understand their obligations. Factors to be considered include the geographic location of the affected entity, the details of the incident, and the affected customers and data. Below we discuss the new SEC requirement, provide a hypothetical cybersecurity incident scenario with examples, and offer considerations for financial institutions seeking to avoid potential regulatory enforcement actions as a result of an incident. #DataBreachCompliance #SECRegulations #FinancialDataSecurity #CyberSecurity #InfoSec #PelionCyberSecurity #FinancialServicesSecurity