Fran Faircloth Shares Insight Into SEC Cybersecurity Proposals

In The News
April 18, 2023

In March, the SEC proposed a variety of rule amendments that aim to protect consumers’ data and information. Fran Faircloth, partner in Ropes & Gray’s data, privacy and cybersecurity practice, told BoardIQ that, “the data is the asset of concern in cybersecurity risk management programs, so directors can ask where it’s protected and how it’s managed and can review fund practices in relation to those of competitors.”

Cyber breaches are a consistent concern of directors, and they are often requesting advice on how to best be prepared for these. “Hackers can always get in,” Fran said. “They’re always innovating new ways to break in. I don’t think that means you just throw up your hands and say we can’t do anything. It does mean when the worst happens there’s going to be a lot of scrutiny of what you did.”

“There’s going to be a lot of scrutiny of whether what’s written in those policies and procedures is actually something that was followed,” Fran said. “That’s something very concrete that directors can review.”