As the risks – and realities – of cyberattacks increase around the world, the SEC continues to prioritize cybersecurity for the Divisions of Examinations and Enforcement. Although standalone SEC enforcement actions related to cybersecurity risks and disclosures remain a small fraction of the Enforcement Division’s overall filed actions, enforcement trends and proposed rulemaking point toward heightened activity in the space in the years to come.
Most of the agency’s enforcement activity to date has focused on regulated entities such as investment advisers and broker-dealers. While we look forward to unpacking the SEC’s cybersecurity activity in the regulated entity space in the coming weeks, this blog’s focus is on the SEC’s 2021 cybersecurity enforcement activity related to public company issuers and looks ahead to FY 2022 enforcement.
Source:
