SEC casts wider net for firms required to have written cybersecurity P&Ps

In March 2023, the U.S. Securities and Exchange Commission (SEC) reopened the comment period for its proposed Rule 10, which would require "market entities," including, among others, broker-dealers, clearing agencies, major security-based swap market participants, transfer agents and national securities exchanges — to establish, maintain, and enforce written policies and procedures reasonably designed to address their cybersecurity risks.