The staff of the US Securities and Exchange Commission’s Division of Investment Management (IM Staff) has released a guidance update highlighting a number of measures that registered investment companies and registered investment advisers should consider in addressing cybersecurity risks. In the guidance update, the IM Staff recommended that investment companies and advisers conduct periodic assessments, create a cybersecurity strategy, and implement the cybersecurity strategy through written policies and procedures, and employee training. The IM Staff also recommended other measures concerning service providers, client cybersecurity awareness, and cybersecurity insurance.
Downloads –