Cybersecurity continues to be a priority for the SEC amid rapid changes and developments in the types of cyber threats faced by fund managers. A recent panel on this topic presented at Troutman Sanders’ 2019 Private Funds Forum was moderated by Troutman Sanders partner Wynter L. Deagle and featured Charles Daly, manager of compliance services at Constellation Advisors, LLC (Constellation); Chris Haley, legal technology director of Troutman Sanders eMerge; John Araneo, managing director and general counsel of Align Cybersecurity; and John O’Neill, senior principal consultant at ACA Compliance Group. This first article in a two-part series highlights key points from the panel’s discussion on the SEC’s evolving cyber policy; general and cyber SEC sweep examinations; certain challenges arising from differing state privacy laws; and tips for developing an effective cybersecurity program. The second article
will enumerate considerations for how fund managers can respond to data breaches, including when they are outsourcing the chief technology officer and other cyber program functions. For commentary from a managing director at Constellation, see our two-part series on understanding the SEC’s National Exam Program: “How OCIE Selects Advisers to Examine
” (Jul. 12, 2018); and “Recent Exam Trends and How Fund Managers Can Determine the Type of Exam OCIE Is Conducting
” (Jul. 19, 2018).