The SEC’s Office of Compliance Inspections and Examinations (OCIE) yesterday published its Cybersecurity and Resiliency Observations. Stating that it was “providing these observations to assist market participants in their consideration of how to enhance cybersecurity preparedness and operational resiliency,” OCIE detailed its observations in the following areas:
- Governance and Risk Management
- Access Rights and Controls
- Data Loss Prevention
- Mobile Security
- Incident Response and Resiliency
- Vendor Management
- Training and Awareness
The document can be found here: https://www.sec.gov/files/OCIE%20Cybersecurity%20and%20Resiliency%20Observations.pdf