April 19, 2018
The National Institute for Standards and Technology Updates Cybersecurity Framework
On April 17, the National Institute for Standards and Technology (NIST) released an updated version of its Cybersecurity Framework, known as version 1.1. The update concentrates on:
WHAT DOES THIS MEAN FOR ME?
The SEC has not yet adopted specific rules addressing cybersecurity requirements. However, the SEC has made it clear through Risk Alerts, IM Guidance and regulatory examinations and enforcement actions that they expect registered investment advisers to have taken steps to ensure that adequate cybersecurity measures are in place.
Firms are encouraged to review the new version of NIST’s Cybersecurity Framework and consider any possible adaptations for use within their own cybersecurity policies and procedures. For further questions for information, please reach out to Fairview directly.