With cyber security breaches occurring daily, financial firms need to be prepared. The SEC has already had several cyber security initiatives for broker dealers and registered investment advisors (RIA’s) for future examinations. Although cyber security breaches are unpredictable, there are some simple measures to follow.
The easiest to prepare for but most vulnerable risk are employees. It’s very important to have annual cyber security safety precaution meetings and cyber security trainings. People forget how vulnerable they can be with cyber security. Employees should be cautious with strange emails, opening files, downloading files, clicking on strange site links, accessing public WiFi’s, and losing mobile devices. With proper training, employees can be the first line of defense against initial cyber attacks. Employees should also notify the IT team with these initial early warning signs of security threats.
Secure Socket Layer (SSL) should be used anytime a client is accessing brokerage account details or sensitive information. When a SSL is used, data is encrypted and sent to the intended server. The data becomes unreadable to any other server other than the original destination server. This makes it so that there are only two known parties sending information to each other. This also helps eliminate man in the middle information leakage.
Another added precaution is using anti bot technology such as NoMoreCaptchas at the user login. This makes it so that bots are instantly detected and unable to log in. Most cyber attaches come from automated program bots. There is a 6 month Free trial if you message me.
Limit log in attempts on your site. This helps prevent manual log ins from randomly guessing your username and password. It usually locks them out of the site for a set period of time. Even if they guess your username and password, it would fail to log in properly once the lock out period starts.
A further security step is to use eDNA which eliminates multifactor authentication (MFA). eDNA is unhackable and unspoofable user login with an encrypted non-deterministic 16 million character password. It is said to be “The Ultimate Password”.
The financial industry is to be the fastest growing cyber security market that is non-government estimated at $77B in 2015 to 2020 cumulative revenues. The SEC and banking regulatory bodies will be keeping a watchful eye on broker dealer and RIA security measures.