In a release on July 16, the Commodity Futures Trading Commission (CFTC) encourages financial institutions to use a standardized approach to assess and improve their cybersecurity preparedness.
Continue Reading CFTC Welcomes Standardized Approaches to Assessing Cybersecurity Preparedness
NIST Privacy Framework
OCIE Provides Observations on Cybersecurity and Operational Resiliency Best Practices
On January 27, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission issued a statement summarizing its observations of cybersecurity and operational resiliency practices of broker-dealers, investment advisers, clearing agencies, national securities exchanges and other SEC registrants (the Observations). In its introduction to the Observations, the OCIE staff notes that cybersecurity is a key priority for OCIE. Therefore, although the OCIE staff acknowledges that there is not a “one-size fits all” approach to addressing cybersecurity, it recommends that SEC registrants assess their cybersecurity practices in light of the Observations.
Continue Reading OCIE Provides Observations on Cybersecurity and Operational Resiliency Best Practices
CFTC Adopts NIST Framework for Data Privacy Protection
On January 28, the Commodity Futures Trading Commission (CFTC) announced that it will adopt the National Institute of Standards and Technology (NIST) Privacy Framework for data privacy protection. The NIST Privacy Framework is a voluntary tool developed in collaboration with stakeholders (e.g., service providers, customers, partners) intended to help organizations identify and manage privacy risk…