Cybersecurity - Overview

The Financial Information Forum has launched a Cybersecurity/Reg SCI Working Group.  While the working group will primarily focus on cybersecurity best practices, regulatory examinations, and responses to rule proposals affecting cyber issues, the working group is also intended to help assist member firms with Reg SCI compliance, as well as to educate and assist member firms that are not yet Reg SCI entities (Broker-Dealers, ATSs, Service Bureaus) with gaining a better understanding of Reg SCI best practices for incorporation within their firm.  Some of the topics that the working group will focus upon include:

  • Member information sharing regarding industry best practices around cybersecurity and data protection.
  • Feedback from peer firms who have previously underwent cybersecurity sweeps.
  • Review of regulatory frameworks affecting cybersecurity; including NIST Standards, the IOSCO Framework, and guidance issued by FINRA, CFTC, and the SEC.
  • Review and respond to potential upcoming regulatory initiatives that focus on cybersecurity and data protection.
  • Updates on testing procedures and requirements.
  • Updates on additional Reg SCI requirements and the possible extension to non-ATS broker-dealers.
  • Procedures and dates related to Reg SCI and BCP Industry Testing, including updates on schedules and milestones.
  • Reviews and discussion on Reg SCI requirements and certification procedures.
  • Provide dialogue on industry best practices regarding specific components of Reg SCI and Cybersecurity, including:
      • Systems Development Lifecycle
      • Change of Management Procedures
      • Vendor Management

FIF is also reviewing potential overlap and impact of Reg SCI testing requirements with the efforts of our members to address their respective Business Continuity Planning (BCP) initiatives and will similarly provide assistance as needed.

For further information regarding SIFMA and Reg SCI, please see:

http://www.sifma.org/issues/capital-markets/equity-markets/reg-sci/overview

 

 

Please see FIF Initiative Tracking for a full list of initiatives that this committee follows and the current documents tab for all meeting materials. Please note current meeting materials are available to members only.