Beginning in 2017, the United States Security and Exchange Commission (“SEC”) initiated a series of examinations aimed at compliance policies and procedures regarding individuals within these firms that had a prior disciplinary history.
The SEC’s Office of Compliance Inspections and Examinations (OCIE) recently published a Risk Alert pertaining to “WannaCry,” the ransomware worm that infected hundreds of thousands of computers in over 150 nations earlier in May, 2017. WannaCry infects computers with malicious software that encrypts users’ files and demands payment to regain access to the data. The alert provides cybersecurity best practices, including a new initiative towards “rapid response” methods that firms should use to respond to cybersecurity challenges. It also describes factors that firms may consider to (1) assess their supervisory, compliance and/or other risk management systems related to cybersecurity risks, and (2) make any changes, as may be appropriate, to address or strengthen such systems. Read More…