The U.S. Securities and Exchange Commission (SEC) has updated its rules concerning how Wall Street investment companies detect and respond to data breaches. This marks the first substantial revision of customer data privacy regulations since 2000.
The updated regulations reflect the evolving nature and increased severity of cyber threats over the past two decades. SEC Chair Gary Gensler emphasized the urgency of these changes, noting that the landscape of data breaches has transformed dramatically, necessitating a modernized regulatory approach.
Under the new rules, investment advisors, broker-dealers and investment companies must inform their customers of data breaches within 30 days of detection. This prompt notification requirement is aimed at ensuring transparency and enabling customers to take timely protective actions.
Additionally, the updated regulations mandate that these entities establish and maintain comprehensive incident response programs. These programs are designed to detect, respond to and recover from data breaches effectively, thereby mitigating potential damages and restoring security swiftly.
To further fortify the financial industry’s defenses against cyber threats, the new rules compel investment advisors and companies to address technological advancements and emerging cybercrime risks proactively. This involves regular updates to security measures and continuous monitoring for vulnerabilities.
The SEC’s unanimous approval of these updated Wall Street regulations underscores the critical need for robust data breach protection in the financial sector. Larger investment entities are given 18 months to comply with the new requirements, while smaller entities have 24 months to implement the necessary changes following updates to the federal registration system.
The regulatory overhaul comes amid rising concerns about the security of financial institutions. Recently, over 1,500 global financial institutions were targeted by the Grandoreiro banking trojan, highlighting the persistent and sophisticated nature of cyber threats facing the industry.
Source: Spice Works
Featured News
Big Tech Braces for Potential Changes Under a Second Trump Presidency
Nov 6, 2024 by
CPI
Trump’s Potential Shift in US Antitrust Policy Raises Questions for Big Tech and Mergers
Nov 6, 2024 by
CPI
EU Set to Fine Apple in First Major Enforcement of Digital Markets Act
Nov 5, 2024 by
CPI
Six Indicted in Federal Bid-Rigging Schemes Involving Government IT Contracts
Nov 5, 2024 by
CPI
Ireland Secures First €3 Billion Apple Tax Payment, Boosting Exchequer Funds
Nov 5, 2024 by
CPI
Antitrust Mix by CPI
Antitrust Chronicle® – Remedies Revisited
Oct 30, 2024 by
CPI
Fixing the Fix: Updating Policy on Merger Remedies
Oct 30, 2024 by
CPI
Methodology Matters: The 2017 FTC Remedies Study
Oct 30, 2024 by
CPI
U.S. v. AT&T: Five Lessons for Vertical Merger Enforcement
Oct 30, 2024 by
CPI
The Search for Antitrust Remedies in Tech Leads Beyond Antitrust
Oct 30, 2024 by
CPI