Posted by fi360 on August 25, 2016
How prepared is your practice for a cyberattack? Is cybersecurity important to your practice or is it an afterthought? Do you view cybersecurity as part of your fiduciary duties?
Wes Stillman, Founder and President of Rightsize Solutions, recently co-presented in an fi360 webinar stating that nearly 1.8 million data records are breached every day* and financial services firms are not immune from such attacks. Securing and protecting your business data is increasingly important in your role as a fiduciary.
While laws and regulations are yet to answer whether cybersecurity is a fiduciary duty, you should have a well-planned approach to managing cyber threats.
The SEC has a growing interest in cybersecurity and, since 2014, has conducted a series of examinations to assess cybersecurity risks and preparedness in the securities industry. As a result, it issued Risk Alerts concentrated on six different areas of cybersecurity including governance and risk assessments, access rights and controls, data loss prevention, vendor management, training, and incident response.
Here are six steps you can take to build your fiduciary readiness around cybersecurity:
- Build your awareness of cybersecurity issues and management principles
- Assess cyber risks: prioritize and scale attention accordingly
- Establish due diligence criteria for vendor selection and monitoring
- Document a management plan and decision-making processes
- Stay current on regulatory and marketplace developments
- Recognize the obligation to be reasonable, not infallible. Follow industry norms and do business with reputable firms.
For more information on the above steps, visit the resources provided below.
Protecting your business data is important to your practice and to your responsibility as a fiduciary. Don’t get caught off guard: prepare yourself and your practice now to manage cyber threats.