The SEC’s new and proposed rules on cybersecurity and cyber-incident reporting will have a dual impact on private investment advisers and funds. 

First, the proposal by the SEC will impose cybersecurity related obligations on investment advisers, registered investment companies and business development companies, with a final rule in this sector (the “adviser cybersecurity rule”) expected in April 2024.