Are You Ready For the New Cybersecurity Rule from the TN Securities Division?

If the answer is “No”
— and let’s be honest, the answer IS No —
you are leaving yourself and your company open to
MASSIVE liability, FINES and LOST BUSINESS, LAWSUITS, and so much more…

The new cybersecurity rule for Tennessee RIAs IS EFFECTIVE AS OF July 5, and there is no grace period.

If you read our report you know that you are required to complete a risk assessment. With just days to complete this we've decided to help out state registered Tennessee RIAs and provide this for free.

These assessments normally run anywhere from $500 - $2000, and we are only offering them to TN RIAs for free until July 1.

The risk assessment is the first step in a secure Cybersecurity posture.

Our expert team of cybersecurity professionals will evaluate your RIA's security posture and identify potential vulnerabilities, ensuring you stay ahead of threats and meet regulatory requirements.

With our comprehensive risk assessment, you'll gain insights into:

  1. Vulnerability Identification: Uncover potential security weaknesses in your network, systems, and applications that could leave you exposed to cyber attacks.
  2. Compliance Readiness: Ensure that your RIA meets the necessary regulatory requirements and stays ahead of evolving cybersecurity mandates.
  3. Data Protection: Identify areas where sensitive client information may be at risk and discover strategies to enhance data encryption and protection.
  4. Incident Response Preparedness: Evaluate your RIA's ability to effectively respond to and recover from potential cybersecurity incidents, minimizing disruptions and client impact.

Take advantage of this limited time offer to fortify your RIA's security defenses and demonstrate your commitment to safeguarding client assets. Our risk assessment is designed to provide you with actionable insights to enhance your cybersecurity posture, ensuring peace of mind for both you and your clients.

Don't miss out on this opportunity! Contact us now to schedule your FREE risk assessment with CyberSecureRIA. Stay secure, stay compliant, and stay ahead of cyber threats.

FREQUENTLY ASKED QUESTIONS ABOUT THE TN CYBERSECURITY RULE

Q1: Does Tennessee law require data breach notifications?

Yes. Under Tenn. Code § 47‑18‑2107, any entity—including RIA firms—that owns or maintains unencrypted personal information must notify affected Tennessee residents if a breach occurs.

Q2: What personal information is covered?

The law covers an individual’s first name (or initial) and last name combined with at least one of:

  • Social Security number
  • Driver's license number
  • Account or credit/debit card number along with security code, access code, or password

Q3: When must breach notifications be sent?

Notifications must be provided no later than 45 days after detecting or being notified of a breach—unless law enforcement requests a delay, in which case it must still occur within that 45‑day window from the agency’s approval.

Q4: Is encrypted data exempt from the law?

Yes—if the data is encrypted and can’t be decrypted without a key (FIPS 140‑2 standard), the incident doesn’t count as a breach under Tennessee law.

Q5: What types of notification are allowed?

Tennessee permits:

  • Written notices
  • Electronic notices (if IRAs have used that method previously)
  • Substitute notices (email + website posting + state media) if over 500,000 people are affected or costs exceed $250,000

Q6: Do I need to notify credit reporting agencies or regulators?

  • If more than 1,000 residents are affected, you must notify nationwide credit reporting agencies.
  • No direct requirement to notify Tennessee regulators, unless you’re a state insurer.

Q7: What if a vendor experiences a breach?

If a third-party vendor’s breach exposes your clients’ data, you must also notify affected individuals within 45 days—just as if it happened internally.

Q8: How can RIAs ensure compliance and readiness?

CyberSecureRIA helps you:

  • Encrypt data end-to-end to qualify for “safe harbor”
  • Develop incident response plans aligned with state timing requirements
  • Create notification templates for individuals, credit bureaus, and media
  • Automate detection and monitoring to catch breaches swiftly
  • Coordinate encrypted backups, vendor assessments, and audit documentation

Limited-Time Offer for Tennessee RIAs
Are YOU Ready for the New TN RIA Cybersecurity Rule?
Gain Peace of Mind and take the First Step to Compliance With Our Risk Assessment