Technology security and Cybersecurity has a special significance for organizations in the financial services industry. Firms regulated by the SEC not only have to comply with standard best practice security requirements but have a unique compliance standard issued by the National Institute of Standards and Technology. Every year Cybersecurity increases in priority for the SEC. In April of 2015, the SEC’s Office of Compliance, Inspections and Examinations (OCIE) began issuing a specific framework for Improving Critical Infrastructure Cybersecurity. This framework set the stage to allow the SEC to conduct more specific Cybersecurity audits over the next two years. While the new Guidance Update is still fairly broad and high level it does provide more detail on what reasonable security measures are than the SEC has previously offered.
As an IT consulting firm that has financial services firms as clients, ATB has experience conducting the necessary audits and developing the documentation to provide the information required by the OCIE. However, what sets us apart from other IT firms is that we take the documentation acquired through the audit process and use it as a basis for company policy manuals. Material such as company hand books, disaster recovery documentation and human resource requirements all can be based on the finding of our security audit. Our expert consultants leverage all of this information to provide informative, valuable employee training sessions which can be used for continuing education.
If your organization is governed by the SEC you must implement a three step approach:
Completing this process while still handling your regular daily duties could be a monumental task. ATB Technologies can direct this entire process and provide the necessary employee training for you organization to remain compliant. Schedule your first meeting with ATB Technologies to address this regulation.