The Securities and Exchange Commission has released a guide to best practices to combat cybersecurity infractions, data loss and privacy breaches.
In its 13-page Cybersecurity and Resiliency Observations report, the Office of Compliance Inspections and Examinations details practices examiners have observed in the following areas: governance and risk management; access and controls, data loss prevention; mobile security; incident response and resiliency; vendor management; and training and awareness.
In sharing the staff observations, OCIE said that it encourages market participants to review their practices, policies and procedures with respect to cybersecurity and operational resiliency.
“We believe that assessing your level of preparedness and implementing some or all of the … measures will make your organization more secure,” the report states.
“As markets, market participants, and their vendors have increasingly relied on technology, including digital connections and systems, cybersecurity risk management has become essential,” the report adds.
“Indeed, in an environment in which cyber threat actors are becoming more aggressive and sophisticated — and in some cases are backed by substantial resources including from nation-state actors — firms participating in the securities markets, market infrastructure providers and vendors should all appropriately monitor, assess and manage their cybersecurity risk profiles, including their operational resiliency.”
In the area of mobile security, for instance, “mobile devices and applications may create additional and unique vulnerabilities,” the report notes.
The report can be viewed here.
Secure Working From Home During Coronavirus
In the wake of the coronavirus, many organisations internationally are allowing people to work from home to lessen the risk of contagion, but is this wise from a cybersecurity point of view? While companies generally have a cybersecurity policy in place that governs the use of anti-virus and firewall protection, individuals without any tech knowledge could fall foul of cybercriminals.read more
Crypto Miners, Targeted Ransomware Dominate the Threat Landscape
Twenty-eight per cent of all organisations worldwide were impacted by malicious multi-purpose botnets and targeted ransomware attacks rose by 20% according to Check Point Research, the Threat Intelligence and Research arm of Check Point Software.read more
Kaspersky's Top 7 Mobile Security Threats in 2020
Mobile device security threats are on the rise. In 2014, Kaspersky detected almost 3.5 million pieces of malware on more than 1 million user devices.read more
SEC Releases Guide To Combat Cybersecurity Threats
The Securities and Exchange Commission has released a guide to best practices to combat cybersecurity infractions, data loss and privacy breaches.read more