After a quarter-century of relative cyber slumber—a period of guidance and enforcement action, certainty, but no rule-making—the SEC is approaching information security with a convert’s zeal. In a January 2022 speech, SEC Chair Gary Gensler referenced remarks made by the director of the Cybersecurity and Infrastructure Security Agency (CISA), Jen Easterly, who had observed that “cybersecurity is a team sport.” Chair Gensler, a veteran regulator who gave teeth to the Commodity Futures Trading Commission (CFTC) as its chairman, noted that while both CISA and the FBI “captain Team Cyber,” the SEC has “a role to play as well.” The SEC has since taken that role seriously and, over the course of a year, issued approximately 1,500 pages of proposed rules and amendments related to cybersecurity.
Source: The SEC Awakens to Cybersecurity With the Zeal of a Convert | New York Law Journal
