Regulatory Readiness
-
Cyber Security intelligence: Imminent: Cybersecurity regulations for US financial services
The U.S. Securities and Exchange Commission’s (SEC) is expected to enact new cybersecurity regulations later this year, but the time is now for alternative investment firms to take proactive action. In this article for Cybersecurity Intelligence, Drawbridge CISO and Managing Director Simon Eyre outlines steps that firms can take today so they won’t be forced to…
-
Webinar Recap: SEC and Cybersecurity in 2023 – The Steps Your Firm Must Take Today
In 2022 the SEC made cybersecurity an examination priority and proposed new comprehensive cybersecurity rules for alternative investment advisors and funds. With this increased attention, cybersecurity is no longer only a matter of protecting a firm’s reputation; it’s a critical component of compliance that can significantly impact your business operations. As we await new SEC…
-
Top Events That Shaped Cybersecurity and Resilience in 2022
There are thousands of breaches and cyber events each year, across geographies and industries – some that garner intense media coverage, and many that fly under the radar. Global regulators are continuing to ramp up the pressure on companies to improve cybersecurity resilience and implement safe data practices. As we enter 2023, it’s important to…
-
Waters Technology: Reg SCI expansion set to increase broker-dealer systems scrutiny, reporting
The SEC is preparing to expand Regulation SCI but how can firms prepare in the absence of a formal proposal? Drawbridge CISO Simon Eyre joins other industry experts offering advice in Waters Technology.
-
Webinar Recap: How the SEC’s New Proposed Cybersecurity Rules Could Change Your Firm’s Security Requirements
The U.S. Securities and Exchange Commission (SEC) has proposed cybersecurity rules that represent a revolutionary approach to cybersecurity and will affect all firms in the alternative investment industry – including yours. Regulatory pressure is rising – and firms must prepare now to ensure they can meet and exceed current and future expectations. But what will the SEC’s…
-
Do you know anything about your company’s Business Continuity and Operational Resilience? Well, in this day and age you should
Much has been written about business continuity (BC) and operational resilience (OR) over the last few years. The speed and impact of the pandemic meant all those carefully laid plans were tested to the limit, with some organizations faring better than others. Anyone hoping for a let-up would have been sorely disappointed. As Duncan Mackinnon,…
-
Lessons learned from EyeMed’s costly $4.5 million failed risk assessment
In October 2022, the New York State Department of Financial Services (NYDFS) ordered EyeMed Vision Care, a Cincinnati, Ohio-based vision benefits company, to pay a $4.5 million fine for failing to conduct a necessary risk assessment and violating NYDFS cyber rules. So, what was EyeMed’s mistake? The insurance firm fell short on implementing a multifactor authentication process…
-
How Government Regulations Can Aid Cybersecurity Defenses
Drawbridge CISO Simon Eyre authored this piece, originally featured in Security Boulevard. “In cybersecurity […] we all have a responsibility to ensure that our threat defenses are up-to-date, that our teams are educated and aware of common threats, and that we gather, store and use sensitive data appropriately. But we must also be conscious of…
-
The SEC Gets Real with Investment Advisers and Funds About Their Cyber Hygiene
Acknowledging the severity of cyber risks, the SEC in early February proposed new cybersecurity risk management rules and amendments for registered investment advisers, registered investment companies, and funds. Thanks to law firms, management consultants, and other SEC watchers, in-depth analyses of the proposed changes are readily accessible online. These reports do a good job of walking readers through…
-
Cybersecurity Webinar: Drawbridge x SEC Compliance Solutions
As cybersecurity becomes an increasingly hot topic for advisors and their clients, we took the opportunity to discuss how risks are changing and share industry knowledge that can help strengthen your firm’s cyber environment. Listen in as Katie Mogan of SCS and Adam Menkes of Drawbridge address important concerns facing investment advisers and funds, including:…
-
RegTech Analyst: Are banks safe in a government-backed cyberwar?
Drawbridge CISO Simon Eyre was interviewed for this article in RegTech Analyst that explores the potential for cyber warfare in an era of heightened uncertainty and geopolitical conflict. Asked about the kinds of attacks facing banks, Simon commented: “Availability of Services to the public and to businesses is a critical part of today’s modern online…
-
Drawbridge Achieves SOC 2 Type 1 Compliance
Certification reaffirms Drawbridge’s continued commitment to data security and privacy for clients Drawbridge, a premier provider of cybersecurity software and solutions to the alternative investment industry, today announced their achievement of System and Organization Controls (SOC) 2 type 1 compliance. This certification reflects Drawbridge’s commitment to safeguarding critical client data while helping customers bolster their…
