Fund Managers Must Ensure Adequate Security Measures Under Safeguards Rule or Risk SEC Enforcement Action

Recent enforcement actions against three sets of advisory and brokerage firms demonstrate the SEC’s recent focus on cybersecurity. The settlements, related to the so-called Safeguards Rule, were in connection with breaches of cloud-based email systems that resulted in exposure of the PII of thousands of clients. Each settlement order focuses on the lack of multi-factor authentication at the time the account was hacked. This article details the events leading up to the enforcement actions, the alleged violations and the terms of the settlements, with key takeaways from Jason Elmer, the founder and CEO of Drawbridge Partners, and Elizabeth P. Gray, a partner at Willkie Farr & Gallagher. See “SEC Officials and the Defense Bar Talk Cybersecurity Enforcement Trends and Takeaways From Recent Cases” (Nov. 28, 2018).

To read the full article

Continue reading your article with a CSLR subscription.