With the Securities and Exchange Commission now requiring registered investment advisors to prove they are doing their best to reduce the risk of data and other security breaches, hedge fund managers are quickly waking up to the need to assign a dedicated chief security information officer (CISO) to the task. Although the SEC’ s guidelines […]
Cybersecurity: Monitoring Risk in the Supply Chain
Outsourcing providers may promote themselves as trusted partners to their clients, but when it comes to cybersecurity risk, financial services firms would be wise to treat them as an extension of their own business — with all the hard scrutiny and ongoing monitoring of vulnerability they do inside their own corporate walls. And maybe more, […]
Compliance and IT Experts: Strange Bedfellows in Managing Cybersecurity Risk
When it comes to newly heightened US regulatory oversight of cybersecurity risk, compliance directors face risks of their own. They will be on the front line when examiners from the Securities and Exchange Commission come calling to evaluate their cybersecurity programs. But to even answer the SEC’s questions, not to mention have an acceptable working program to […]
Fund Managers: A Risk-Based Approach to Tackling Cybersecurity Threats
Although Wall Streeters often criticize Washington, DC bureaucrats for being out of touch with their daily realities, the new Framework for Improving Critical Infrastructure Cybersecurity issued in February by the National Institute of Standards and Technology (NIST) might just be a notable exception. It has apparently become a hit among US investment management compliance and data security experts […]
US Fund Managers: Tackling Cybersecurity as Operational Risk
What do retail department stores and US asset managers have in common? The potential for cyberattacks, says the Securities and Exchange Commission, which has put fund managers on high alert to shore up any deficiencies in their data security technology and procedures. The securities watchdog says it will be reviewing the cybersecurity work of investment […]