… In addition to enforcing existing rules and requirements, as everyone in this room well knows, the Commission has also proposed and is considering rules enhancing cybersecurity-related policies and procedures at broker-dealers, exchanges, and other market participants.
I’m sure there are probably as many opinions as there are people in this room about those efforts given the number of comments received in connection with those proposals.
But as Enforcement Director, it would be inappropriate for me to weigh in on that debate. Our panelists, on the other hand, are well-positioned to do so, and I, like each of you, look forward to hearing their thoughts.
Instead, what I’d like to do this morning is share with you some – five to be exact – of the principles that guide the work we are doing across the Enforcement Division to ensure that registrants take their cybersecurity and disclosure obligations seriously.
Source: Gurbir S. Grewal — Remarks at Financial Times Cyber Resilience Summit