On March 15, 2023, the U.S. Securities and Exchange Commission (“SEC”) released its proposal to amend Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information (the “Proposed Amendments”), while simultaneously issuing two additional cybersecurity-related rule proposals and re-opening the comment period for its previously proposed cybersecurity risk management rule released in February 2022. This set of sweeping reforms makes it clear, if not already, that the SEC is serious about implementing comprehensive cybersecurity and privacy standards across its regulated entity population — including investment advisers. However, the Proposed Amendments are already subject to criticism, most notably by Commissioner Pierce in her accompanying Statement, due to the likely burdens and costs of implementation, as well as the potential for conflicts with existing state laws. Moreover, the Proposed Amendments would create additional exam and enforcement risk where disclosure of certain cyber events is deemed – after the fact – not to have been prompt or accurate enough.