On March 15, 2023, the Securities Exchange Commission (“SEC”) issued three additional proposed rules that would expand the reach of the agency’s current cybersecurity guidance to new.
On March 15, 2023, the U.S. Securities and Exchange Commission (“SEC”) released its proposal to amend Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer.
SEC proposal to amend Regulation S P Privacy of Consumer Financial Information and Safeguarding Customer Information while simultaneously issuing two additional cybersecurity related rule proposals. SEC implements cybersecurity and privacy standards across regulated entities
<p><span>Thank you, Chair Gensler, and thank you to the staff for their presentations. Today, the Commission considers three separate, but related proposals. In discussions with the staff, the three proposals have been described as having different objectives and not being limited solely to cybersecurity. Despite that view, each proposal places a significant focus on cybersecurity. In fact, that term is mentioned over 250 times in the Regulation S-P and Regulation SCI proposals, and over 2,000 times in the cybersecurity risk management proposal. However, the Commission has provided little analysis as to how the proposals interact with each other or how, as a group, they mitigate cybersecurity risks in the most efficient manner. The lack of an integrated regulatory structure may even weaken cybersecurity protection by diverting attention to satisfy multiple overlapping regulatory regimes rather than focusing on the real threat of cyber intrusions and other malfeasance. Thus,
On February 7, 2023, the Securities and Exchange Commission’s (SEC) Division of Examinations (EXAMs) announced its 2023 Examination Priorities (the “Priorities”), which highlight areas.