Massachusetts Conducting Cybersecurity Practices Survey of Massachusetts-Registered Investment Advisers

June 18, 2014

On June 3, 2014, the Massachusetts Securities Division released a survey to assess cybersecurity readiness and practices of Massachusetts-registered investment advisers.

The full survey is available here.

Massachusetts-registered investment advisers need to respond to the survey by June 24, 2014. You should assess your current level of preparedness for cybersecurity threats and consider whether any changes need to be made to your current cybersecurity policies and procedures.

The survey also asks if your firm has created and implemented a written information security program to address compliance with 201 Mass. Code Regs. 17.00 which came into effect in 2010. If you haven’t already done so, you should implement a written information security program. For a summary of this Massachusetts data security law, see our February 3, 2010 and January 31, 2012 Foley Advisers.

Cybersecurity is a “hot” topic with the regulators following on from the SEC Cybersecurity Roundtable in March and the SEC issuing a Risk Alert in April. It is expected that the Massachusetts Securities Division will follow with further regulations relating to cybersecurity.