SEC Initiative to Focus on Cybersecurity

May 8, 2014

On April 15, 2014, the Office of Compliance Inspections and Examinations (“OCIE”) of the Securities and Exchange Commission (the “SEC”) issued a risk alert providing information concerning its initiative to assess cybersecurity preparedness in the securities industry (the “Cybersecurity Initiative”).  As part of the Cybersecurity Initiative, OCIE will conduct examinations of more than 50 registered broker-dealers and registered investment advisers, focusing on areas related to cybersecurity.  The Cybersecurity Initiative is designed to assess cybersecurity preparedness in the securities industry, to obtain information about recent experiences with certain types of cyber threats, and to identify areas in which the SEC and the industries it regulates can work together to protect investors and the capital markets from cybersecurity threats.
Although OCIE will examine only a small percentage of the broker-dealers and investment advisers registered with the SEC as part of the Cybersecurity Initiative, it has publicly released a sample of the request for information and documents that it intends to use in connection with the initiative.[1]  The sample request for information and documents can be, and is intended by OCIE to be, used by compliance professionals to assess their firms’ level of preparedness, regardless of whether their firms are included in OCIE’s examinations.

If you have questions concerning OCIE’s Cybersecurity Initiative or other compliance or examination matters, or would like more detailed information, please do not hesitate to contact any of the attorneys referenced below.

Erik A. Bergman
(203) 325-5026 or

Matthew S. Eisenberg
(203) 325-5084 or

Harold B. Finn III
(203) 325-5029 or

Richard Kilbride
(203) 325-5075 or

Reed W. Balmer
(203) 325-5011 or

Justin J. Shigemi
(203) 325-5065 or

Finn Dixon & Herling LLP is a law firm with extensive experience providing corporate, transactional, investment management, securities, tax, executive compensation, bankruptcy and litigation counsel. Our clients include large and small corporations, venture capital and private equity firms, financial institutions, hedge funds and other investment funds, investment advisers, broker-dealers, public and private businesses, executives, management teams and entrepreneurs.

Copyright © 2014 Finn Dixon & Herling LLP. All Rights Reserved. These materials may not be reproduced or disseminated in any form without the express permission of Finn Dixon & Herling LLP. These materials are intended to inform our clients and friends about developments in the law. They are not intended to constitute a legal opinion or advice or to address any client’s legal problems or specific situations. The format of these materials, and the complex nature of the subject matter, required the making of general statements that summarize an extremely complex body of law and that may be incomplete in some respects. Accordingly, the reader is cautioned against using any of this material in specific situations without obtaining the advice of competent counsel. In light of the foregoing, and the general nature of these materials, these materials should not be regarded, or relied upon, as legal advice.

[1] The sample request for information and documents that OCIE intends to use in connection with the Cybersecurity Initiative appears as the appendix to OCIE’s National Exam Program Risk Alert regarding its Cybersecurity Initiative, available at