Regulation and Compliance Federal Regulation FINRA

FINRA Issues Report on Best Cybersecurity Practices

News December 21, 2018 at 10:11 AM
Share & Print

The Financial Industry Regulatory Authority has shared its Report on Selected Cybersecurity Practices — 2018 to help broker-dealers more effectively review and implement security controls.

The latest report builds on information and advice collected in the 2015 cybersecurity report. It provides more depth and detail on topics such as phishing by reviewing ways to detect attacks, even those that seem to be from trusted sources like a CEO or helpdesk staff.

On some topics like branch controls, the publication lists specific best practices to consider. It also includes an appendix regarding core cybersecurity controls for small firms.

"Securities firms rate cybersecurity as one of their top operational risks, and our new report addresses areas that firms tend to find most challenging," according to David M. Kelley, surveillance director, member supervision in FINRA's Kansas City office.

FINRA's 19-page report highlights the following five topics:

  • Cybersecurity controls in branch offices;
  • Methods of limiting phishing attacks;
  • Identifying and mitigating insider threats;
  • Elements of a strong penetration-testing program; and
  • Establishing and maintaining controls on mobile devices.

A cybersecurity report from the antivirus software maker Norton found 143 million U.S. consumers were victims of cybercrime with total losses of $19.4 billion in 2017.

Furthermore, a recent poll funded by the insurance firm Aon found that of the 5.3 million high-net-worth individuals in the U.S., 77% are more concerned about the cybersecurity risks affecting their personal finances than traditional wealth management challenges, such as market volatility (60%) or changing interest rates (39%).

"There is no one-size-fits-all approach to cybersecurity, so FINRA has made a priority of providing firms with reports and other tools to help them determine the right set of practices for their individual business," said Steven Polansky, senior director, member supervision in FINRA's Washington, D.C. office.

More resources, as well as a podcast and video based on the 2018 report, are available at FINRA.org's cybersecurity topic page.

Young ProfessionalsFINRA
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Related Stories

FINRA Files to Raise Fees Starting in 2025 Osaic Failed to Supervise Trading in Dead Client's Account: FINRA What's at Stake in the Ameriprise-LPL Fight Over Client Data Morgan Stanley to Pay $1M Over Lack of Risk Controls Rep Churned Senior Business Owner's Account, Violated Reg BI: FINRA Kentucky Advisor Fined Over Bourbon-Tasting Business

Resource Center

6 Steps to Help Clients with Estate Planning link

Guide

6 Steps to Help Clients with Estate Planning

Essential Estate Planning Terms for You and Your Clients link

Guide

Essential Estate Planning Terms for You and Your Clients

The Estate Planning Checklist link

Checklist

The Estate Planning Checklist