The U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) will be conducting examinations of more than 50 registered broker-dealers and registered investment advisers (RIAs), focusing on areas related to cybersecurity.
Examinations are designed to assess cybersecurity preparedness in the securities industry and to obtain information about the industry’s recent experiences with certain types of cyber threats. These examinations will focus on:
1. Your cybersecurity governance
2. Identification and assessment of cybersecurity risks
3. Protection of networks and information
4. Risks associated with remote client access and funds transfer requests
5. Risks associated with vendors and other third parties
6. Detection of unauthorized activity
7. Experiences with certain cybersecurity threats
The Commission has provided a sample request to help all firms be prepared for this examination:
What would happen if your firm did not pass one of these audits? Do you think your clients would feel safe trusting you with their sensitive information? Making sure the points listed in the document above are covered is important, but it can also be technical and time-consuming.
The best plan of attack is to put together a team of professionals who specialize in each area. The team should consist of a law firm, an accounting firm, and an IT security firm such as Financial Computer Services.
With ProtectIT from Financial Computer Services you will be able to show that your firm’s networks and systems are up to date and secure. Our continuous reporting system can compile all of the information you will need to provide an auditor in minutes, not days. ProtectIT will assist with the following points the exam will focus on: the identification and assessment of cybersecurity risks, protection of networks and information, and the detection of unauthorized activity.
To read more: http://www.fa-mag.com/news/sec-issues-fa-cybersecurity-guidelines-17643.html?section=43