FINRA has announced that it will be conducting an exam sweep focusing on cybersecurity issues at broker-dealers. According to their stated goals, the targeted exams hope to let FINRA: "understand better the types of threats that firms face," as well as to "understand better firms' approaches to managing these threats," among other things. They will look at approaches to IT risk assessments as well as how a firm's BCP (business continuity plan) deals with a cyber-attack event, and more. For more information on their goals and review areas as communicated to firms, see the announcement of the program here.
Further, according to this article from Mark Schoeff, Jr. over at InvestmentNews.com, the SEC will be focusing efforts on "review[ing] the resources that firms devote to information security, their policies for assessing, preventing and responding to attacks and their systems guarding against identity theft and ensuring business continuity, among other areas."