Information Shield addresses SEC Information Security Requirements

Houston, Texas – Information Shield today announced that their latest information security product – ComplianceShield – can be used by clients to save time and money addressing security requirements from the Securities and Exchange Commission (SEC.)

Since the SEC originally established requirements for protecting sensitive financial information, it has increased focus on the cyber security practices of member firms.  Updated audit guidelines are establishing more best practices to adopt, and SEC Chairman Mary Jo White recently stated that cyber security was the single greatest risk to the stability of financial networks.

“The SEC requirements specify that firms must adopt written information security policies that protect information and are tailored to the specific needs of the organization.” said David Lineman, President of Information Shield.  “Using ComplianceShield, firms can save hundreds of hours in defining, documenting and demonstrating a robust information security program.”

SEC Cyber Security Program Requirements

In their April 2015 guidance, the SEC provides the following general requirements:

In the staff’s view, funds and advisers should identify their respective compliance obligations under the federal securities laws and take into account these obligations when assessing their ability to prevent, detect and respond to cyber attacks. Funds and advisers could also mitigate exposure to any compliance risk associated with cyber threats through compliance policies and procedures that are reasonably designed to prevent violations of the federal securities laws.
Defining and Documenting a Robust Information Security Program

ComplianceShield helps firms address these requirements by enabling them to quickly define the controls required for a robust information security program.  Using a wizard-driven interface, clients can obtain a customized baseline of information security controls in minutes.  Once defined, clients can quickly document their program using the library of built-in information security policy templates.  Compliance tracking and reporting features make it easy for the firm to document their entire program to internal or external auditors.

A free trial of ComplianceShield is available to firms who want to save money and time managing their cyber security program.