SEC Proposed Rules

Preparing for New Regulation

A Review of the SEC’s Proposed Cybersecurity Rules

In recent years, the frequency and severity of cybersecurity breaches have increased exponentially, with more companies experiencing costly and reputation-damaging incidents. The Securities and Exchange Commission (SEC) has taken notice and proposed new rules and amendments that would require public companies, registered investment advisers, and registered investment companies to enhance and standardize their cybersecurity risk management, strategy, governance, and incident reporting.

This paper provides:

• a review of the SEC proposed cybersecurity risk management rules
• key drivers
• specific proposals
• recommended actions that companies can take to prepare for these changes