• Cyber attacks are increasing in size, sophistication and cost.
• Experts give advice on how financial advisors and their clients can improve cybersecurity.

Cyber theft is the fastest-growing crime in the U.S., and cost the global economy more than $450 billion in 2016, with more than 2 billion person records stolen.

By 2021, cyber crime damage costs could hit $6 trillion annually, according to a report by Cybersecurity Ventures. 

And companies are experiencing larger breaches, reported IBM. The average size of data breaches increased 1.8 percent in 2017 to more than 24,000 records, according to its 2017 cost of data breach study.

Financial advisors are increasingly aware of this threat, with 81 percent saying cybersecurity is a high priority. Yet, just 29 percent say they are "fully prepared to manage and mitigate the risks associated with cybersecurity," according to a study released last September by the Financial Planning Association's Research and Practice Institute. 

However, just in the past year, advisors have been upping their security, said Dan Skiles, president of Shareholders Service Group and a past national board member of the FPA. Not only because of what they've seen in the news, but also because some large firms have taken hits and witnessed fraud attempts firsthand.

"The first thing I remind advisors is that … everybody is on the playing field," Skiles said. "There's no spectators in this game, so an advisor cannot be sitting there thinking 'well I'm glad my IT firm is on this' or 'I hope my technology expert is taking care of this,' because the reality is these cyber security attacks can happen to anybody within the firm."

How firms can increase cybersecurity

The difficult part about cybersecurity is that the process matters more than the technology, Skiles said.

"Advisors can spend thousands of dollars on great technology infrastructure … but if one of their associates doesn't follow the rules … and they inadvertently click on a defective link, or they inadvertently respond to a fraudulent email, there's no tech spin that's going to protect you from that."

Staff training and technology go hand in hand in fighting off hackers, he said. Yet about one-third of employees aren't receiving any training related to cybersecurity, the FPA study found. And for the employees that do get trained, the average team member receives less than two hours of training per year. MORE