The Securities and Exchange Commission will invest in more cybersecurity specialists this year, but will not issue further regulation around the issue, advisory firm Duff & Phelps predicts.
“If you’d asked me last year [if further regulation would be introduced], I would have said ‘yes.’ We’re a year ahead and nothing has happened yet,” said Jason Elmer, cybersecurity consultant at Duff & Phelps, during a panel discussion in London on Thursday.
He added the SEC is likely to follow the National Futures Association in increasing the number of cybersecurity experts among its ranks.
Proposed SEC rules that require registered investment advisors to adopt and implement written business continuity and transition plans – which would be implemented in the event of a cyber-attack – remain outstanding, but the agency has not published any other cybersecurity-related proposals. The agency has said cybersecurity remains a top priority for examinations over the coming 12 months.
More generally, the panel expect Donald Trump’s election to have an impact on SEC enforcement.
“The level or amount of enforcement action [may change]. Some say that routine exams may not change, but what goes through enforcement will lighten up,” Lombardy said.