As markets grow more global and complex, so too are the threats through cyber intrusion, denial of service attacks, manipulation, misuse by insiders, and other cyber misconduct. In the United States, aspects of cybersecurity are the responsibilities of multiple government agencies, including the SEC. Cybersecurity also is a responsibility of every market participant. The SEC is committed to working with federal and local partners, market participants, and others to monitor developments and effectively respond to cyber threats.

CISA Highlights – Cyber Threats and Advisories

The Cybersecurity and Infrastructure Security Agency (CISA) offers the latest cybersecurity news, advisories, alerts, tools, and resources. Sophisticated cyber actors and nation-states exploit vulnerabilities to steal information and money, and they are developing capabilities to disrupt, destroy, or threaten the delivery of essential services. Defending against these attacks is essential to maintaining the nation’s security. Protecting cyber space is the responsibility of individuals, families, small and large businesses, and local and federal governments.

For more information, visit the CISA Cyber Threats and Advisories webpage.

Get Information on Ransomware

Ransomware attacks are increasing in scale, sophistication, and frequency, victimizing governments, individuals, and private companies around the world. CISA has launched StopRansomware.gov a one-stop resource for individuals and organizations of all sizes to reduce their risk of ransomware attacks and improve their cybersecurity resilience. This webpage brings together tools and resources from multiple federal government agencies under one online platform. Learn more about how ransomware works, how to protect yourself, how to report an incident, and how to request technical assistance.

Getting in the Know

The SEC’s Office of Investor Education and Advocacy issued an investor alert titled 5 Ways Fraudsters May Lure Victims Into Scams Involving Crypto Asset Securities because fraudsters continue to exploit the popularity of crypto assets to lure retail investors into scams. Crypto assets may include assets commonly referred to as cryptocurrencies, crypto, coins, and tokens.

Cyber-Related Exam Priorities

During fiscal year 2025, exam priorities by the SEC's Division of Examinations include registrants’ policies and procedures, governance practices, data loss prevention, access controls, account management, and responses to cyber-related incidents, including those related to ransomware attacks. The Division also will review alternative trading systems’ safeguards to protect confidential trading information.

SEC Resources

External Resources

Last Reviewed or Updated: Nov. 22, 2024