Also in February, the Financial Industry Regulatory Authority (FINRA) issued a report to assist financial services organizations in responding to the escalating threat of cyber-attacks. The report is the result of surveys FINRA conducted in 2011 and 2014 of various types of organizations, including investment banks, online brokerages, and high frequency traders. While recognizing that there is no one-size-fits-all approach to cybersecurity, the report provides some key principles to guide industry members, emphasizing in particular the importance of (1) board- or executive-level engagement on cybersecurity issues; (2) conducting risk assessments and having a well-developed rapid response plan; and (3) taking advantage of information-sharing opportunities as additional protection against cyber-threats. The report includes information that may have relevance to non-financial firms as well, including an overview of frameworks and standards that firms may look to for guidance as they develop their approach to cybersecurity, and guidance for conducting risk assessments, implementing technical controls, developing rapid response plans, and training and overseeing staff and vendors with respect to cybersecurity issues. The full report is available here.