Advisors have no excuse for not taking cybersecurity seriously. They’ve heard about the risks — the potential losses to their reputations and their bottom lines. At the same time, the SEC has publicly detailed its focus areas, such as risk assessment, data loss prevention, vendor management and incident response. What has been less obvious, however, is how examiners evaluate firms to determine whether they pass the test.

 

By Wes Stillman, Read the full article here