
SEC Pushes Increased Cyber Vigilance

This week, the SEC's Office of Compliance Inspections and Examinations (less frighteningly, the "OCIE") put out its report on Cybersecurity and Resiliency Observations.

Before you take a nap, stick with me for 30 more seconds to get the goods.

OCIE has highlighted information security as a key risk for securities market participants and has included it as a key element of its examination program over the past eight years.

In the report, the OCIE highlights industry best practices for cyber risk management, including:

  • Governance and Risk Management
  • Access Rights and Controls
  • Data Loss Prevention (DLP)
  • Mobile Security
  • Incident Response and Resiliency
  • Vendor Management
  • Training and Awareness

Let's take a quick view into the elements of a compliant Training and Awareness program:

  • Policies and Procedures - train staff on the organization's cybersecurity procedures to build a security-minded culture
  • Real-World Examples - utilize relevant training content and send real-world phishing tests
  • Measure Effectiveness - monitor every employee's performance in the program and continuously update content to match the latest risks

As risks and regulations increase, financial institutions are turning to INFIMA's fully automated Cyber Security Training to keep their teams safe.
Want to learn more? Start here!

See OCIE's full publication here.
[https://www.sec.gov/files/OCIE%20Cybersecurity%20and%20Resiliency%20Observations.pdf?mod=article_inline]

Joel Cahill

Cyber security enthusiast. Entrepreneur.