Cybercriminals are after banking and financial credentials, trading and investor information or strategies, consumer data, business and tax filing, fraudulent redemptions and more. Breaches can result in financial loss, disruption of operation, compromised confidential information and reputational damage. This significant risk has prompted regulators to put a stronger focus on cybersecurity in 2018.
The SEC added a cybersecurity unit in late 2017 and on February 21, 2018 issued new guidance to assist public firms in preparing disclosures about cybersecurity risks and incidents. This guidance focuses on the importance of cybersecurity policies and procedures and ensuring that senior management considers cybersecurity risks as a part of their fiduciary care. Finally, it includes guidance on timely breach notification to senior management, timely notification and disclosures to investors and trading blackouts following a breach in these policies. The guidance builds on the SEC’s 2018 annual priorities, which include Governance and Risk Assessment, Access Rights and Controls, Data Loss Prevention, Vendor Management, Training and Incident Response.
In addition to the SEC guidance, financial firms will also have to navigate new state level regulations like the NYCRR 500 – with many requirements coming into effect between January and September 2018 – and global regulations like General Data Protection Regulation (GDPR) which comes into effect in May 2018.
In this talk, we will discuss how alternative investment firms can navigate regulations and explore cyber-attack trends, best practices, and proactive measures to reduce your cyber threat profile, mitigate risk, and avoiding regulatory investigations and investor disclosures.
During this webinar, you will learn:
- Why regulators are putting a focus on cybersecurity in 2018
- New SEC cybersecurity guidance and what it means for alternative investment firms
- Other cybersecurity regulations impacting alternative investment firms
- How to incorporate cybersecurity into your business strategy
- How to reduce your cyber threat profile, mitigate risk and avoid regulatory investigations and investor disclosures
About the Speaker
Eldon Sprickerhoff is the original pioneer and inventor of what is now referred to as Managed Detection and Response (MDR). In founding eSentire, he responded to the incipient yet rapidly growing demand for a more proactive approach to preventing and investigating information security breaches. Now with over twenty years of tactical experience, Eldon is acknowledged as a subject matter expert in information security analysis. Eldon holds a Bachelor of Mathematics, Computer Science degree from the University of Waterloo.