Greenberg Traurig’s Paul Ferrillo says the SEC’s Office of Compliance Inspections and Examinations is examining the capabilities of domestic organizations to protect against and recover from cyberattacks, to maintain the confidence of investors and the markets. The office has published guidelines to prevent attacks, and will issue critical reports about companies which do not follow them.
“To guard against disastrous cyberattacks, minimize both organizational and reputational risk, and prevent OCIE or enforcement penalties, companies and firms should understand and implement these guidelines at their earliest opportunity,” Ferrillo writes. “This benefits both the organization (to avoid potential regulatory fines and penalties, and liability to other parties affected by a breach) and any investors and limited partners, who could potentially lose millions should there be a successful breach.”
