Law360, New York ( January 12, 2015, 10:06 AM EST) -- Everywhere you look, people (including certain regulators) are wearing fitness bands that measure things like steps taken, stairs climbed, hours slept, nightmares experienced, calories burned, and questions answered (including, "What does that bracelet do?"). Although we're not aware of a fitness band for broker-dealers (BDs) and investment advisers (IAs) to put around their cybersecurity systems (although a teenager is probably building one right now — if not, dibs on the idea), firms may want to perform their own cyber-fitness assessments before the U.S. Securities and Exchange Commission or the Financial Industry Regulatory Authority walk through firms' doors to grade their cybersecurity practices.[1] If the regulators determine that a BD or an IA has failed, a promised regimen of exercise and diet may not satisfy the regulators' demand for a pound of flesh. With these precepts in mind, BDs and IAs may want to ask themselves the following cyber-fitness questions:...