There are many fascinations raised by the U.S. Securities and Exchange Commission’s new cybersecurity rules proposal. This webinar brings four experts together to discuss them. We’re providing some of the key takeaways from this event below, but we encourage you to also watch the full discussion via replay 

Kirk Samuels, Executive Director of Agio Cybersecurity, dug into these points with Mark Gurevich, Chief Compliance Officer of Maverick Capital, LTD; Ron Geffner, Partner of Sadis & Goldberg, LLP; and Joe Larizza, Managing Partner of Mirador, LLC. 

They discussed the finer points of the proposal, the history of the SEC’s cybersecurity focus, what comes next, and exactly how they affect compliance, technology, cybersecurity, and operations professionals in the alternative investment industry.  

For example, did you know: 

  • Under the current proposal, you’ll only have 48 hours to report an incident   
  • Reporting is broad and ill-defined, leaving some confusion around what exactly needs to be reported  
  • Your Chief Compliance Officer will need to take on more responsibility 
  • Your board will need to have deeper knowledge about your firm’s policy 
  • Your cybersecurity policies must be active, broad, and regularly tested 
  • You will need to publish info about incidents in the public domain (benefiting hackers, not investors) 
  • You may find conflicts between existing privacy rules and the proposal 

 

Attendees, when polled, said they currently lack risk components identified by the SEC: 

 

Only 7% of attendees said they were prepared for the changes. So, if you feel a bit lost, you’re not alone. But this is happening. You will need to get with the program.  

So, check this one out. If you need help, we’re here for you 

See also  What are endpoint services?