On Tuesday, the SEC announced that it had filed a settled enforcement action against an investment adviser for the firm’s alleged failure to establish required cybersecurity policies and procedures. The firm’s web server was later breached, compromising the personally identifiable information of approximately 100,000 individuals. This is the first enforcement action that the SEC has brought against a regulated entity for a cybersecurity-related violation.
via Key Takeaways from the SEC’s First Cybersecurity-Related Enforcement Action | Compliance Week
