SEC Cybersecurity Risk Update, Part 2: Prevent, Detect, Respond
In Part 1 of the SEC's recent cybersecurity guidance update, the regulatory body highlighted the need for cyber risk assessments across multiple areas of a registered firm's organization. Continuing to address how firms should prepare for security incidents beforehand, Part 2 of the SEC's guidance update focuses on how hedge funds and registered investment advisers should prevent, detect and respond to security incidents.
Take a look at the latest installment of our video series or scroll down to read a brief recap.
Read the Highlights
Part 2 of the SEC's cybersecurity guidance is focused on preventing, detecting and responding to cybersecurity incidents, both from a technical and operational standpoint. Here are some highlights:
Employ a security strategy that features layers of security to protect all systems and data. This includes everything from anti-virus software and hardware and software firewalls to intrusion detection systems, encryption technology and application filters.
The next step is controlling access. At Eze Castle Integration, we recommend employing the principle of least privilege across all systems and data, thereby limiting access to only those who need it.
When classifying data, firms should identify what data needs to be encrypted. Confidential data should be encrypted in transit, and some firms may determine certain critical information must be encrypted at rest, as well.
The SEC also advises firms to restrict the use of removable storage media and to deploy software that monitors technology systems for unauthorized intrusions.
A backup and retrieval process is also critical to allowing firms to recover should a cybersecurity attack occur.
Finally, rapid incident response is essential to minimizing the impact of a security breach. With a comprehensive incident response plan in place and well-communicated, employees can act swiftly and businesses can resume normal operations in a timely manner.