SEC cyber rules risk creating web of confusion and costs

Proposals would require breach notifications, public disclosures and annual cyber assessments

The cyber attack on trading services provider Ion Group has pushed these incidents to the top of everyone’s agenda. But an intervention by the US Securities and Exchange Commission on the subject of cyber security may be a case of right time, wrong rules, say financial institutions.

Complicating the matter is that – in what has become something of a repeated pattern for SEC chair Gary Gensler – the agency intends to create and amend multiple rules at the same time. Add to this complex set of

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe

You are currently unable to copy this content. Please contact info@risk.net to find out more.

Sorry, our subscription options are not loading right now

Please try again later. Get in touch with our customer services team if this issue persists.

New to Risk.net? View our subscription options

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here