December 6, 2021

Volume XI, Number 340


December 06, 2021

Subscribe to Latest Legal News and Analysis

OCIE Issues Ransomware Risk Alert

Responding to an apparent increase in sophistication of ransomware attacks on SEC registrants, and attacks impacting registrants’ service providers, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a risk alert on July 10, 2020 encouraging market participants to consider enhancements to cybersecurity preparedness and operational resiliency to address these attacks. OCIE cited the importance of assessing, testing and periodically updating incident response and resiliency policies and procedures, such as contingency and disaster recovery plans, in maintaining operational resiliency. OCIE also suggested measures such as:

  • awareness and training programs, including phishing exercises;

  • programs to ensure all firmware, operating systems and other applications are updated and have the appropriate anti-virus and anti-malware solutions;

  • policies and procedures to limit access and controls so users operate with only those privileges necessary to accomplish their tasks (i.e., least privilege access); and

  • implementing perimeter security capabilities, such as firewalls, intrusion detection systems, email security capabilities and web proxy systems with content filtering.

In addition to the foregoing, OCIE encouraged registrants to monitor the cybersecurity alerts published by the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA). CISA Alerts are available here.

You can read the full risk alert here.

© 2021 Vedder PriceNational Law Review, Volume X, Number 220

About this Author

John Marten Investment Attorney Vedder Price Law FIrm

John S. Marten, a Shareholder in the Chicago office of Vedder Price, has substantial experience representing clients in the investment management industry.

As a member of the firm’s Investment Services group, Mr. Marten counsels clients on a wide variety of matters involving the application of the federal securities laws to investment companies, investment advisers and broker-dealers. He has significant experience counseling investment company clients with respect to new products and was recently involved in the creation of two mutual funds...

(312) 609 7753
Nathaniel Segal Investment Attorney Vedder Price Law Firm

Nathaniel Segal is counsel at Vedder Price and a member of the Investment Services group. He focuses his practice on investment companies and investment advisers in connection with the organization and operation of investment products and services, including traditional mutual funds, closed-end investment companies (including interval funds and listed closed-end funds), variable insurance products and registered hedge funds, as well as mutual funds utilizing complex hedging and absolute return strategies. Mr. Segal has experience in conducting transactional due diligence...

(312) 609 7747
Jacob Tiedt,Vedder Price law firm investment services attorney

Jacob C. Tiedt is a Shareholder at Vedder Price and a member of the Investment Services group.

Mr. Tiedt’s practice includes the representation of registered mutual funds, closed-end funds and exchange-traded funds; private funds; investment advisers; and other financial institutions on a broad range of regulatory, governance and compliance matters. Mr. Tiedt regularly counsels clients on matters relating to SEC registration, disclosure and compliance; shareholder solicitation; NYSE, Nasdaq and FINRA regulation; corporate governance; and board administration. Mr....

Kelly Carr Investment Attorney Vedder Price

Kelly Pendergast Carr is an Associate at Vedder Price and a member of the firm’s Investment Services group in the Chicago office.

Ms. Carr focuses her practice on representing registered investment companies, including mutual funds, closed-end funds and exchange-traded funds (ETFs), as well as their independent directors and investment advisers. She assists these clients with regulatory, transactional and compliance matters.