this post was submitted on 26 Jun 2025
1 points (100.0% liked)

cybersecurity

15 readers
1 users here now

This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

founded 2 years ago
MODERATORS
[email protected]
1
Is CIS 18 appropriate for SEC compliance? (zerobytes.monster)
submitted 6 days ago by [email protected] to c/[email protected]
0 comments fedilink hide all child comments
 
The original post: /r/cybersecurity by /u/BeNiceToYerMom on 2025-06-26 06:26:30.

Hey all,

I’m helping a very small investment firm with their security. They fall under the mandate of the SEC’s cyber compliance regime. Upon investigation, I found woefully little prescriptive guidance from the SEC about how to satisfy an SEC cyber audit. It’s almost as if the guidance is, “Get secure. If we audit you, you’ll find out whether you made the right choices.”

I’m a big fan of CIS 18 for small businesses. Is it appropriate to help this firm get compliant with IG1 as a way to satisfy an SEC audit if one ever occurs?

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here