Cybersecurity AlertAnchin AlertFebruary 10, 2015
This past week saw a flurry of alerts regarding cyber security from both the Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA) underscoring the emphasis on cybersecurity across all areas of the financial services industry for both institutions and investors.
The SEC’s Office of Compliance Inspections and Examinations (OCIE) released a risk alert on their Cybersecurity Examination Initiative. Examining over 100 broker-dealers and investment advisers the examinations were aimed at getting a better understanding of the industry’s cybersecurity preparedness. Items of focus were how these firms were handling:
- Identification of cyber risks;
- Protection of networks and information;
- Establishment of cybersecurity policies, procedures and oversight;
- Detecting unauthorized activity;
- Identifying and addressing risks associated with the remote access to client information, fund transfer requests and third party vendors.
At the same time the SEC’s Office of Investor Education and Advocacy (OIEA) issued an investor bulletin discussing individual online protections such as:
Picking a strong password;
Use of a two-step verification login.
Avoiding using public computers to access sensitive accounts
While the SEC was sending out their alerts, FINRA was also focusing on cybersecurity, issuing two publications of its own. First was FINRA’s report on cybersecurity practices which aimed to identify best practices, based on prior examinations, for managing cyber security threats to member firms. Among the best practices mentioned were establishment of a sound framework of governance, utilization of technical and risk assessment controls, development of cyber-incident response plans and the training of staff on cybersecurity issues.
Finally FINRA issued its own investor alert aimed at helping investors practice cyber safety by safeguarding their brokerage accounts and financial information.
The publications discussed above can be found by clicking on the following links:
For more information, contact your Anchin relationship partner or Jeffrey I. Rosenthal, Partner-in-Charge of Anchin’s Financial Services Practice at 212.840.3456.