News & Insights

SEC Expected to Finalize Cybersecurity Rule Spring 2023

What happened?

The U.S. Securities and Exchange Commission’s (SEC) first comprehensive cyber and data security proposal is expected to be finalized in Spring 2023. Firms should expect that they will need to enhance existing cybersecurity programs, particularly if they are not already complying with industry best practices.

Under the proposed rule, registered investment advisers would be required to enhance cyber programs to include:

  1. Conducting annual cybersecurity risk assessments;
  2. Adopting cybersecurity policies and procedures, including cybersecurity threats and vulnerability management;
  3. Establishing a vendor management program; and
  4. Conducting and documenting an annual Cybersecurity Review.

What does this mean for me?

If you have questions, we have SEC and cybersecurity experts who have fully evaluated this rule and are prepared to guide our clients through implementation. Fairview Cyber provides essential cyber and data security services like phishing prevention training, internal and external vulnerability scans, vendor due diligence, and more. Contact us today for more information about our services.