2b. BD – Cybersecurity Risk Management (Intermediate - OPEN)
Cyberattacks continue to be disruptive and cause financial and reputational risk to firms across the financial services sector. Firms continue to see an increase in attempted account takeovers, ransomware or network intrusions, and related attempts to expose customer information. Fraudulent financial activity may compromise firms’ ability to comply with a range of rules and regulations, including, in some cases, FINRA and state rules, as well as SEC rules. This session will review critical considerations to prepare your firm for a potential cybersecurity event, including the importance of incident response, operational resiliency and the supervisory controls needed to prevent data from being compromised.
This session is open to regulators but closed to members of the press.
Learning Objectives:
Determine the infrastructure needed, including cyber insurance, to support a firm’s protection of customer and investor data.
Create an incident response plan that involves compliance to address regulatory reporting obligations including federally required filings such as a SAR, FINRA 4530, and state requirements.
Explore supervisory controls for designing, implementing, and testing cyber policies, or conducting tabletop exercises.
Discuss cyber-related best practices for complying with regulatory obligations, including requirements as part of the SEC’s anticipated Rule 10, Reg SCI and Reg S-P.