Wilmington – Delaware’s Investor Protection Unit is participating in a nationwide project to gauge the strength of Delaware investment advisers’ cybersecurity systems, Delaware Attorney General Beau Biden announced today.
Delaware law requires investment firms to register with the state’s Investor Protection Unit, which is in the Fraud Division of Biden’s Department of Justice. Recently, Investor Protection Unit Director Owen Lefkon sent surveys to 44 investment companies. The surveys, which are due to be returned by October 31, cover areas such as whether the investment adviser has experienced a cybersecurity event in the past year, experienced loss or theft because of a cybersecurity breach and when the adviser last underwent a cybersecurity threat assessment.
“Financial information is some of our most-sensitive private, personal data,” Biden said. “Financial services firms have a responsibility to protect personal data, and the results of these surveys will help our Investor Protect Unit ensure the data is protected as strongly as possible.”
The survey was developed by the North American Securities Administrators Association (NASAA), of which the Delaware Investor Protection Unit is a member. The survey project is designed to help regulators better understand the technology and data practices of state-registered investment advisers; how these advisers communicate with clients; and what types of policies and procedures these advisers currently maintain. The pilot project also focused on specific uses of technology and Web sites, with a goal of understanding the safeguards used by state-registered investment advisers to protect client information; to inform state examination programs; and to identify national cybersecurity trends relevant to state-registered investment advisers.
“As the investment business is increasingly conducted over the Internet, the potential for identity theft and other security breaches has risen as well.” IPU Director Lefkon wrote in the letter to investment firms. “It is thus ever more important to ensure that registered firms and individuals take reasonable and adequate precautions to protect the security of information stored in computers and communicated over the Internet.”
# # #Related Topics: consumer protection • consumers • fraud
Built by the Government Information Center