SEC Offers CyberSecurity Guidance for RIAs & Funds – April 2015

May 8, 2015 David Gemma

Mitigating CyberSecurity Risks & Threats

The SEC’s Division of Investment Management released a CyberSecurity Guidance Update for April 2015 for Investment Funds and RIAs to help address and mitigate CyberSecurity risks and threats.

They are clear in stating “…that is it not possible for a fund or adviser to anticipate and prevent every cyber attack. Appropriate planning to address cybersecurity and a rapid response capability may, nevertheless, assist funds and advisers in mitigating the impact of any such attacks and any related effects on fund investors and advisory clients, as well as complying with the federal securities laws.”


An Integral Part of that Planning is to:

  1. Periodically assess:
    1. How and where information is stored
    2. Potential cybersecurity vulnerabilities
    3. Current security and processes
    4. Repercussions of a security breach
  2. Create a strategy to prevent, detect and respond to CyberSecurity threats.
  3. Train employees and educate clients about reducing exposure to CyberSecurity threats concerning investment accounts.

The CyberSecurity Guidance goes on to say that “An effective assessment would assist in identifying potential cybersecurity threats and vulnerabilities so as to better prioritize and mitigate risk.
Find out How to Identify Potential CyberSecurity Threats & Vulnerabilities.

Read blog How Can RIA Firms Afford CyberSecurity?

See the SEC CyberSecurity Guidance Update.


David Gemma is a Managing Director and CMO at UNAPEN, Inc.   (What’s a UNAPEN?)

Connect with David on Google+


Subscribe to the UNAPEN blog