“Specifically, the proposal would:
● Require advisers and funds to adopt and implement written policies and procedures that are reasonably designed to address cybersecurity risks;
● Require advisers to report significant cybersecurity incidents to the Commission on proposed Form ADV-C;
● Enhance adviser and fund disclosures related to cybersecurity risks and incidents; and
● Require advisers and funds to maintain, make, and retain certain cybersecurity-related books and records.”
Read the summary here: