Mayer Brown explains SEC’s Continued Focus on Cybersecurity

On September 22, 2015, the US Securities and Exchange Commission (“SEC”) brought and settled charges against a registered investment adviser (the “RIA”) for violations of the Gramm-Leach-Bliley Act’s “safeguards rule” adopted under Regulation S-P.1 These violations occurred immediately prior to a cybersecurity breach of the RIA’s systems, in which the hackers may have obtained personally identifiable information (“PII”) of 100,000 individuals.

In 2000, the SEC adopted the safeguards rule as part of Reg. S-P, which requires that every investment adviser registered with the Commission adopt policies and procedures reasonably designed to: (i) ensure the security and confidentiality of customer … Read more