“An ounce of prevention is worth a pound of cure.”
The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued new guidance on January 27, 2020 which further addresses the cybersecurity risk set confronting regulated financial entities. The report provides visibility into OCIE observations pertaining to effective mitigation of primary cybersecurity risk sets, including:
- Governance
- Access rights
- Data loss prevention,
- Mobile security
- Vendor management
- Incident response
- Employee training.
Recent Comments