What We Do
How We Do
Apply to become an e3 ecosystem partner with eSentire, the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Get Started

Navigating Compliance:
How to Start Preparing for the SEC’s New Cyber Risk Management Rules

Watch the Webinar

By clicking the button above I confirm that I have read and agree to the eSentire privacy policy.

In March 2022, under the Investment Advisers Act of 1940 and the Investment Company Act of 1940, the U.S. Securities and Exchange Commission (SEC) proposed new rules called the Cybersecurity Risk Management for Investment Advisors, Registered Investment Companies, and Business Development Companies.

These proposed SEC cybersecurity rules, which are expected to be released in October 2023, will require all Registered Investment Advisors (RIAs) and investment companies to adopt policies and procedures to better address their cyber risks, enable 24/7 threat detection and response capabilities, and disclose significant cybersecurity incidents in a timely manner.

In this fireside conversation, Tia Hopkins, Chief Cyber Resilience Officer & Field CTO at eSentire, and Eldon Sprickerhoff, Founder & Advisor at eSentire, discussed what we can learn from the SEC’s recent Final Rule and the updates that the SEC is proposing for RIAs with regards to risk assessments, threat and vulnerability management, incident response and recovery, and what RIAs should keep top of mind to ensure compliance with the new rules.

Some of the most important ways in which you can prepare for the upcoming SEC cybersecurity rules include:

  • Risk Assessment and Prioritization: How you will need to effectively assess, categorize, and prioritize cybersecurity risks specific to your firm.
  • Threat and Vulnerability Management: Tools and techniques that help you detect, mitigate, and remediate modern threats and vulnerabilities to remain resilient against advanced cyber threats.
  • Cybersecurity Incident Response and Recovery: How you can demonstrate IR readiness in the event of a cyberattack and the measures you must have in place to ensure continued operations, protect sensitive data, and meet reporting obligations to the SEC.
  • Compliance and Reporting: Understanding the reporting and disclosure obligations imposed by the SEC cybersecurity rules in the wake of significant cybersecurity incidents as well as how to integrate these requirements into your incident response policies.

Get The Webinar