On February 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed comprehensive rules for registered advisers and funds. Among other things, these rules will require advisers and funds to implement written policies and procedures designed to address cybersecurity risks, report significant cybersecurity incidents to the SEC within 48 hours using a proposed form, and keep enumerated cybersecurity-related books and records. Initial reactions have been mixed, including a published dissent from Commissioner Hester Peirce. A public comment period is ongoing.