A Practical Approach to Navigating the New Cybersecurity Legal and Regulatory Landscape

In recent years, there has been a resounding surge of new cybersecurity laws and regulations, both within the U.S. and around the world, including among certain key jurisdictions for managers such as the E.U. and Cayman Islands. This trend has generally created a complex, fragmented, jumble of global reg-tech jurisprudence – and 2023 is shaping up to be the most frenzied year of cybersecurity regulatory change to date. The federal government has more than a dozen new cybersecurity laws and regulations locked and loaded, several of which are being promulgated by the SEC, with iterations for public companies and various types of market entities, including investment advisers. This guest article by John T. Araneo, partner at Cole‑Frieman & Mallon and head of the firm’s cybersecurity law practice, provides a simple, plain English explanation of the fundamental elements of the SEC’s proposed cybersecurity risk management rule for investment advisers, discusses how this new cybersecurity compliance regime may work and supplies some clear next-step action items that investment advisers should consider taking. For additional commentary from Araneo, see “How Fund Managers Can Prepare for the Latest SEC Cyber Sweeps” (Jul. 11, 2019).

To read the full article

Continue reading your article with a HFLR subscription.