In BoardIQ, Ed McNicholas Discusses SEC Cybersecurity Disclosure Guidance Impact on Fund Board Oversight
In BoardIQ, data, privacy & cybersecurity partner and co-chair Ed McNicholas (Washington, D.C.) explained how fund board oversight will be affected by the new Securities and Exchange Commission cybersecurity disclosure regulatory guidance that mandates annual investor disclosures on cybersecurity preparedness, and requires advisors to maintain records on such practices.
Ed explains that several other regulators have pushed towards more specificity in terms of requiring specific cybersecurity risk management controls, such as using multi-factor authentication. He notes the SEC is trying to preserve more technological flexibility and margin to maneuver, while using enforcement actions and disclosure obligations to establish expectations.