Cyberattacks are expensive: they cost $2.7 billion in 2018, according to the FBI. But they can also damage the trust you’ve built with your clients. Beyond the cost and potential loss of trust, there is a regulatory concern, as the SEC and state regulators are conducting cybersecurity examinations and fining firms that fail to keep data safe.
Here are some tips for FAs:
- Build a cybersecurity strategy that takes into account the ongoing costs and efforts to keep up with changing regulations and new threats.
- Keep training your staff and developing your procedures, as your staff is an important part of your defense. Your employees need to know about the potential threats coming in so they can help to stop them. “Hackers rely on human error and laziness to get through, so make your team strong, arm them with knowledge and procedures,” according to the article.
- Review your vendors regularly, as data breaches often begin with them. In fact, 63% of breaches begin with third-party vendors, according to the SEC. Yet only about half of firms have formal security guidelines in place for vendors.
- Establish electronic communications rules. Hackers often go “phishing,” using personal information they found online to trick your clients into revealing sensitive information or handing over money. You need to have protocols for protecting client records, including remote access rules and guidelines for social media. You also need to have protocols for securing hardware, such as laptops.
- Conduct periodic vulnerability tests to probe for weaknesses or breaches. “The SEC provides tests you can use, but it is highly recommended to perform your own testing and use those offered by the SEC,” according to the article.