The Office of Compliance Inspections and Examinations (OCIE) Cybersecurity Risk Alert reported increased ransomware attacks to SEC registrants (broker-dealers, investment advisers, and investment companies) and potentially service providers – especially if they maintain client assets or registrant records. Companies should be aware of the potential risks they face.
You have an incident – may be a breach in progress, may be a breach that happened a while ago but is just noticed – what is your incident response? What do you do? Do you have a plan? Have you tested your plan recently? Is everyone trained in their responder role?