Investor Protection Unit gauges cybersecurity among state's investors

Delaware’s Investor Protection Unit is participating in a nationwide project to gauge the strength of Delaware investment advisers’ cybersecurity systems, Delaware Attorney General Beau Biden announced Sept. 10.

Delaware law requires investment firms to register with the state’s Investor Protection Unit, which is in the Fraud Division of Biden’s Department of Justice. Recently, Investor Protection Unit Director Owen Lefkon sent surveys to 44 investment companies.

The surveys, which are due by Oct. 31, cover areas such as whether the investment adviser has experienced a cybersecurity event in the past year, experienced loss or theft because of a cybersecurity breach and when the adviser last underwent a cybersecurity threat assessment.

“Financial information is some of our most-sensitive private, personal data,” Biden said. “Financial services firms have a responsibility to protect personal data, and the results of these surveys will help our Investor Protection Unit ensure the data is protected as strongly as possible.”

The survey was developed by the North American Securities Administrators Association, of which the Delaware Investor Protection Unit is a member. The survey project is designed to help regulators better understand the technology and data practices of state-registered investment advisers, how these advisers communicate with clients, and what types of policies and procedures these advisers currently maintain.