CYBERSECURITY NEWS: SEC Observations

SEC OCIE Publishes Observations on Cybersecurity and Resiliency Practices


On Monday, January 27th 2020, the U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (“OCIE”) issued examination observations related to cybersecurity and operational resiliency practices.

The observations focus on the following areas:

  • Governance and Risk Management
  • Access Rights and Controls
  • Data Loss Prevention
  • Mobile Security
  • Vulnerability Management
  • Incident Response and Resiliency
  • Vendor Management
  • Training and Awareness

In conclusion, the OCIE encourages all covered entities to review cyber practices, policies and procedures. The OCIE will continue to assess the level of preparedness of these entities and believes that implementing policies, controls, and solutions pertaining to the items noted in the report will make organizations more secure. Cybersecurity remains a prominent focus area of the SEC, and the OCIE will continue working with organizations to identify and address cybersecurity risks.

For additional information, please visit:

For additional information about how Drawbridge can help, please visit: