CPAs and Advisors with Your Growth in Mind

Technology and Health & Life Sciences

COSO and SEC Issue Guidance on Cybersecurity

In recent weeks, the Committee of Sponsoring Organizations of the Treadway Commission (“COSO”) and Securities and Exchange Commission (“SEC”) have published new guidance to help organizations address and effectively manage cybersecurity.

Announced in mid-January, COSO in the Cyber Age offers assistance on the 2013 COSO Internal Control-Integrated Framework and Enterprise Risk Management-Integrated Framework. Released as a research report, the document helps with the recognition and implementation of internal control components and principles. Written by Mary Galligan and Kelly Rau, COSO in the Cyber Age also stresses the importance of making cyber risk management a priority, and suggests that organizations ask the right questions.

Earlier this week, the SEC issued two publications that offer investors at brokerage and advisory firms advice for protecting online investment accounts. The first publication, a Risk Alert from the agency’s Office of Compliance Inspections and Examinations, features opinions based on the examinations of over 100 broker-dealers and investment advisers. The examinations concentrated on how such firms recognize cybersecurity risks, create policies and procedures, secure networks and information, and identify unauthorized activity. As for the second publication, an Investor Bulletin by the SEC’s Office of Investor Education and Advocacy, the guidance offers essential tips for safeguarding online investment accounts. Such tips include creating a strong password, implementing a two-step verification process, and being wary of public networks and wireless connections.

For guidance on cybersecurity matters, the experienced professionals of our Firm’s Technology & Life Sciences Group are available to assist.