10.16.18
SEC Does Not 'Dictate' Cyber Controls, Cyber Chief Says
by: Melanie Waddell
In assessing firms' cyber preparedness, the SEC is “looking for firms that have significant risks that they aren't disclosing,” Robert Cohen, head of the agency's cyber unit, said Monday at the North American Securities Administrators Association's cyber roundtable. Cohen said that it's not the “SEC's approach to dictate specific [cyber] controls” on regulated entities. “I don't know that that's the most effective way to ensure compliance. We do more, especially for the financial industry, through exams, to see what they're doing and see if they're prepared.” The best source of expertise in the cyber realm, he added, “is within the industry and the consultants they employ.”
Read the full article on Think Advisor