All Regulation SP articles
Regulators often say they want “reasonable” precautions when spelling out expectations on cyber-security. But with a plethora of guidance and frameworks to consider, what does that mean—and does “reasonable” depend on industry and company size? A small summit meeting of cyber-security voices debated that question in Boston recently; we have ...
An investment adviser firm in St. Louis has become the (painful) test subject for the SEC’s attitude on cyber-security matters. The case, observers say, is a warning that the agency is moving away from guidance and toward enforcement. So what will the SEC consider to be “reasonable” security efforts? Will ...