The Securities and Exchange Commission (SEC) published a rule proposal, Addressing Cybersecurity Risks to the U.S. Securities Markets, which calls for broker-dealers, the Municipal Securities Rulemaking Board, clearing agencies, major security-based swap participants, national securities associations and exchanges, security-based swap data repositories and swap dealers, and transfer agents, to address their cybersecurity risks. They will be required to adopt policies and procedures, and in the event of a significant cybersecurity incident, report to the SEC on proposed Form SCIR. In addition, these entities would need to publicly disclose summary descriptions of their cybersecurity risks and incidents. The rule calls for Form SCIR to be prepared using a custom XML schema.
Read the proposal.
Read the fact sheet.
