The resounding surge of new cybersecurity laws and regulations over the past several years has generally created a complex, fragmented jumble of global RegTech jurisprudence – and 2023 is shaping up to be the most frenzied year of cybersecurity regulatory change to date. The federal government has more than a dozen new cybersecurity laws and regulations locked and loaded, several of which are being promulgated by the SEC, with iterations for public companies and various types of market entities. In this guest article, Cole-Frieman & Mallon partner John T. Araneo explains the fundamental elements of the SEC’s proposed cybersecurity risk management rule for investment advisers, discusses how this new cybersecurity compliance regime may work and supplies some clear next-step action items that investment advisers should consider taking. See our two-part series on SEC cyber rules: “How to Prepare for the New 8-K Incident Mandate” (Aug. 10, 2022), and “How to Prepare for the New 10-K Disclosure Mandates” (Aug. 17, 2022).