“Despite what you may be reading about, the SEC is still focused on cybersecurity, as are other regulators such as the DOJ and the various states,” said Thompson Hine partner Ernest E. Badway during a firm program on cybersecurity and compliance. Investment advisers and broker-dealers are facing increasing pressure to ensure they have appropriate cybersecurity defenses and incident response plans. Badway, along with Thompson Hine counsel Kimberly Pack and Frank Brennan, an associate director of forensics and incident response at PNG Cyber, LLC, discussed the current regulatory regime affecting investment advisers and broker-dealers; incident response planning; vendor risk management; and mitigation of cybersecurity risks. This article distills their insights. See “SEC 2025 Exam Priorities Stress Core Fiduciary Duties and Effective Compliance Programs” (Dec. 5, 2024).