Is Your Firm Ready for the SEC?



             How To Prepare for the Regulations of Tomorrow

             By Jason Elmer, Founder and President of Drawbridge



            It is no secret that cybersecurity regulations are on the rise: in 2022, the U.S. Securities and Exchange
            Commission (SEC) proposed cybersecurity rules that would affect all firms in the alternative investment
            industry.  In  addition  to  the  processes  already  examined  such  as  risk  assessments  and  vulnerability
            management, the SEC also proposed conducting compliance checks around board oversight, incident
            response and annual reviews that require enhanced reporting. While these are only proposals for now,
            they represent a revolutionary shift in how the SEC will conduct due diligence in the future.













































            For many firms, new layers of cybersecurity and new compliance requirements can seem overwhelming.
            But if the SEC proposed rule changes tell us anything, it is that firms must take a proactive rather than
            reactive approach to ensuring their cyber posture ahead of the new rules expected in 2023, following the
            SEC reopening the comment period for another 60 days. Cybersecurity is no longer a checklist item to




                                                                                                             116