The 2017 examination priorities disclosed by the Securities and Exchange Commission and the Financial Industry Regulatory Authority include, among other themes, a strong focus on cybersecurity. During audits, these agencies will confirm that advisors have clear security protocols in place to protect sensitive financial information, and that they’re testing them regularly.
Below are some of the best practices advisors can adopt to ensure they comply with SEC and Finra cybersecurity regulations.
1) Establish cybersecurity policies
The protection of clients’ sensitive financial data needs to be top of mind across a practice to adequately prevent cyberattacks and comply with SEC/Finra standards.
Advisors should draft clear cybersecurity prevention and recovery measures, and require that every staff member read and understand them. Monthly or quarterly meetings to update all staff on the latest cyberthreats are crucial for stopping hackers from infiltrating your systems.
2) Test cybersecurity controls
Advisors need to regularly test cybersecurity controls to confirm that they work, document the testing results, and correct problems on a timely basis.