On September 25, 2017, the SEC announced the creation of a dedicated Cyber Unit within the Enforcement Division, which will focus on targeting cyber-related misconduct. The announcement comes on the heels of the recently disclosed 2016 hack of the SEC’s EDGAR system that resulted in illicit trades on the basis of nonpublic information and included personal information of two individuals. According to the SEC’s press release, the Cyber Unit has been in the planning stages for months. Robert A. Cohen, who has served as Co-Chief of the Market Abuse Unit since 2015, has been appointed Chief of the Cyber Unit. The Cyber Unit will include staff from across the Enforcement Division.
The SEC’s press release states that in creating the Cyber Unit, the SEC seeks to leverage the Enforcement Division’s expertise on targeting cyber-related misconduct and complement Chairman Jay Clayton’s parallel initiative to implement an internal cybersecurity risk profile. Specifically, according to the press release, the Cyber Unit will target various types of cyber-related misconduct, including, but not limited to: (i) hacking to obtain material nonpublic information, (ii) market manipulation schemes where false or misleading information is spread on social media, (iii) violations involving distributed ledger technology, (iv) violations on the dark web, (v) hacks into retail brokerage accounts and (vi) cyber threats to trading platforms and other market infrastructure. The Cyber Unit will consolidate the Enforcement Division’s recent focus on cybersecurity enforcement challenges, as reflected by the dedicated Cybersecurity page on the SEC website that compiles investor alerts, enforcement actions and other SEC resources relating to cybersecurity.
The SEC’s press release announcing the creation of the Cyber Unit is available at:
More information on the SEC’s cybersecurity efforts is available at: https://www.sec.gov/spotlight/cybersecurity