The US Securities and Exchange Commission (SEC) has for the first time issued a proposal for cybersecurity rules, procedures and data breach prevention measures for investment funds and advisers. If approved, the measures will require thousands of companies to report cyberattacks within 48 hours. The proposals require funds and registered investment advisers to develop written policies and procedures to address cybersecurity incidents and record them. The proposals also require them to disclose the circumstanced of the incidents to investors and report them to regulators.
Read more on the Wall Street Journal here