Cybersecurity - Overview

The Financial Information Forum has launched a Cybersecurity/Reg SCI Working Group.  While the working group will primarily focus on cybersecurity best practices, regulatory examinations, and responses to rule proposals affecting cyber issues, the working group is also intended to help assist member firms with Reg SCI compliance, as well as to educate and assist member firms that are not yet Reg SCI entities (Broker-Dealers, ATSs, Service Bureaus) with gaining a better understanding of Reg SCI best practices for incorporation within their firm.  Some of the topics that the working group will focus upon include:

  • Member information sharing regarding industry best practices around cybersecurity and data protection.
  • Feedback from peer firms who have previously underwent cybersecurity sweeps.
  • Review of regulatory frameworks affecting cybersecurity; including NIST Standards, the IOSCO Framework, and guidance issued by FINRA, CFTC, and the SEC.
  • Review and respond to potential upcoming regulatory initiatives that focus on cybersecurity and data protection.
  • Updates on testing procedures and requirements.
  • Updates on additional Reg SCI requirements and the possible extension to non-ATS broker-dealers.
  • Procedures and dates related to Reg SCI and BCP Industry Testing, including updates on schedules and milestones.
  • Reviews and discussion on Reg SCI requirements and certification procedures.
  • Provide dialogue on industry best practices regarding specific components of Reg SCI and Cybersecurity, including:
      • Systems Development Lifecycle
      • Change of Management Procedures
      • Vendor Management

FIF is also reviewing potential overlap and impact of Reg SCI testing requirements with the efforts of our members to address their respective Business Continuity Planning (BCP) initiatives and will similarly provide assistance as needed.

© 2024 Financial Information Forum

Press enter to search
Press enter to search

Interested in joining us?

Download membership kit

Key Reasons to Join

  1. Stay informed on Current Regulatory and Market Initiatives
  2. Drive Industry Issues to Successful Resolution
  3. Impact the implementation timing and methodology of new rules
  4. Apply FIF Insight Within Your Firm