(Bloomberg) -- Gary Gensler is considering expanding the Securities and Exchange Commission’s cybersecurity rules.

Gensler on Monday questioned whether the SEC’s cornerstone cyber and compliance rules should apply to market-making firms and brokerages, in addition to stock exchanges and clearinghouses. Separately, he reiterated the agency will propose that the regulations cover Treasury trading platforms. 

The SEC passed Reg SCI in 2014 to bolster trading systems that underpin U.S. markets and have more oversight of their underlying technology. 

“A lot has changed,” Gensler said in remarks prepared for a Northwestern University law school event. “Thus, I’ve asked staff how we might broaden and deepen this rule.”

Gensler also discussed:

  • Possibly changing the timing and what investment companies, advisers and brokerages must disclose after a data breach
  • Altering what corporations disclose about their cyber risks and cybersecurity practices
  • Potential regulations for third-party service providers

©2022 Bloomberg L.P.