October is National Cybersecurity Awareness Month (NCSAM), an initiative spearheaded by the U.S. Department of Homeland Security and the National Cyber Security Alliance. The effort includes extensive media coverage and industry collaboration, which means your clients may be hearing a lot about this in the next few weeks. This year’s theme, Own IT. Secure IT. Protect IT. encourages individuals to be proactive about taking control of their digital security, which may lead to an increase in client inquiries about protecting their data.
Here are three tips to help reassure clients and keep their information safe:
Tip 1. Review your internal cybersecurity policies and procedures
25% of state registered investment advisors demonstrate deficiencies in cybersecurity1. And, according to FINRA, while broker-dealers have been strengthening their cybersecurity programs, there are still issues that need to be addressed. Both FINRA and the SEC offer resources for protecting financial organizations and their clients against data breaches. Preventative measures include:
1. Assessing potential risks, including a firm-wide inventory of assets and sensitive client data exposures
2. Developing written policies and protocols to protect data and detect dangers
3. Creating procedures to respond to threats and recover information
Tip #2. Educate your clients
70% of hacking attacks start with a phishing email2, many of which are from sophisticated cyber criminals purporting to be financial institutions. In a phishing attack, a scammer delivers a fake email directing individuals to update or confirm financial information in order to gain access to financial accounts, passwords and pins. FINRA reports that phishing attacks remain a top cybersecurity challenge and pose a serious threat to investors. To protect clients, make sure they know about your information sharing protocols. You can also provide tips for identifying phishing scams, for example, warn them not to click on links to financial accounts or respond to emails asking for confidential information. And remind them to request their credit report each year, to check for fraudulent transactions and accounts they did not open.
Tip 3. Provide reassurance 41% of investors say they are concerned about cybersecurity as a threat to company growth prospects3, which means that, in addition to privacy concerns, many investors worry about how the risk of a cyberattack might affect their investments. If this is an issue on your clients’ minds, you can discuss the steps you are taking to keep their data safe.
1 2019 Investment Adviser Coordinated Examinations Report, North American Securities Administrators Association, Information pulled September 30, 2019, https://s30730.pcdn.co/wp-content/uploads/2019/09/2019-IA-Coordinated-Examinations.pdf
2 Internet Security Threat Report, Symantec, 2014 and February 2019, https://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_v19_21291018.en-us.pdf
3 Anxious optimism in a complex world, 2018 Global Investor Survey, pwc, https://www.pwc.es/es/encuesta-mundial-ceos/assets/pwc-global-investor-survey-2018.pdf