What is SEC Cybersecurity? And how does it relates to cyber threats that put public companies at risk? Well, continue reading this post. Because this will give you an overview of SEC Cybersecurity. As well as the role of the SEC in cybersecurity.
What Is SEC Cybersecurity?
First, what is SEC? Well, SEC is a federal agency (Securities and Exchange Commission). It ensures the protection of investors.
According to their webpage, its mission is to do the following:
- Protect investors
- Maintain fair, orderly, and efficient markets
- Facilitate capital formation
But, the SEC extends its functions to guide and prevent breaches in cybersecurity. So, SEC cybersecurity is a term to encompass the SEC’s guidance role. Especially in the overall spectrum of cyber threats against public companies.
What Are The SEC’s Role In Cybersecurity?
Among the many ways SEC carries its roles are the following:
- Offering guidance to investors. Especially about safe online trading practices.
- It also provides resources to prevent cyber-related crimes.
- It offers guidance to organizations. Especially about reporting breaches as well as other cybersecurity threats.
- Uses civil law to pursue criminal activity and wrongdoing.
Commission Statement And Guidance On Public Company Cybersecurity Disclosures
The SEC published a commissioned statement to take effect on February 26th, 2018. But, this statement is for what for?
Well, this statement is for interpretive guidance or recommendations. Besides, it’s specific for public companies on the subject of “preparing disclosures about cybersecurity risks and incidents”.
Moreover, because of increased data breaches, companies are being caught unaware. Thus, this statement protects investors. How? By recommending best practices for companies in terms of their cybersecurity.
Resources Provided By The SEC Cybersecurity
If you seek to understand SEC cybersecurity, then you’ll find the following resources valuable:
- SEC Cybersecurity Roundtable. It was a live recorded roundtable discussion from 2014. But, there’s a transcript as well as other materials from the meeting available today. Indeed, it’s a resource recommended. Especially for all those involved in securities.
- FINRA Cybersecurity Page. It stands for “Financial Industry Regulatory Authority”. And it also has a page where you can find helpful resources. As well as checklists for individuals, companies, and other entities.
- The Commission Statement. It’s released by SEC in early 2018. It also provides a list of recommendations and rules for public companies. Besides, it gives organizations a clear understanding of the SEC’s overarching goals and objectives.
The Examples Of SEC Cybersecurity Enforcement
No doubt the online world is such a hostile space for financial markets. In fact, there’s no shortage of malicious software and wrong-doing.
Because of that, there are now multiple cases of law enforcement. And SEC has a page dedicated to publishing these cases in multiple categories. And this includes the following:
- Digital Currency and Initial Coin Offerings
- Account intrusion
- Hacker and Insider Trading
- Market manipulation
- Safeguarding Customer Information, as well as
- Trading suspensions
Requirements Of Public Companies
Reporting To The Sec
Public companies are to report on methods of securing data. As well as risks associated with their organization, and cybersecurity-related.
Public Disclosure
There are also requirements in terms of alerting the public. For instance, when reporting to the SEC, public companies should provide information. Especially, on what they do to prevent cyber incidents. As well as when breaches occur. Including potential risks and vulnerabilities.