24 March 2018

Finra issues report on cybersecurity practices

04 February 2015  |  2310 views  |  0 Source: The Financial Industry Regulatory Authority (FINRA)

The Financial Industry Regulatory Authority (FINRA) issued a new report on cybersecurity, which details practices that firms can tailor to their business model as they strengthen their cybersecurity efforts.

The Report on Cybersecurity Practices draws in part from the results of FINRA’s recent targeted examination (“sweep”) of a cross-section of firms. The sweep, conducted in 2014, focused on the types of threats firms face, areas of vulnerabilities in their systems and firms’ approaches to managing these threats.

FINRA also issued a new Investor Alert called Cybersecurity and Your Brokerage Firm, which encourages investors to understand their firm’s cybersecurity policies. FINRA’s new Investor Alert includes a series of questions investors can ask to help them better understand their firm’s cybersecurity activities and policies, as well as practical advice to help investors safeguard their brokerage accounts and personal financial information.

“Broker-dealers face a variety of rapidly evolving cybersecurity threats, which require a well-designed and adaptable cybersecurity program,” said Susan Axelrod, Executive Vice President for Regulatory Operations. “FINRA is keenly focused on cybersecurity, and firms must make responding to these threats a high priority. This report builds on the insights from our recent cybersecurity sweep and highlights a series of principles and effective practices that firms can adapt to their particular circumstances.”

Broker-dealers are increasingly exposed to cybersecurity risks, and breaches at a broker-dealer could entail adverse implications for investors, firms, capital markets and even broader swaths of the financial system.

FINRA’s new report reveals that according to both FINRA’s 2014 sweep and a 2011 survey of firms, broker-dealers identified the top three threats as:

  • hackers penetrating firm systems;
  • insiders compromising firm or client data; and
  • operational risks.

The rankingfirm systems;

  • insiders compromising firm or client data; and
  • operational risks.

The ranking of threats varied by firm and by business model. While online brokerage firms and retail brokerages are more likely to list hackers as their top-priority risk, firms that engage in algorithmic trading were more likely to consider insider risks potentially more damaging. Large investment banks or broker-dealers typically ranked risks from nation states or hacktivist groups more highly than other firms.

Report on Cybersecurity Practices focuses on select cybersecurity topics that, together, serve as a resource for firms developing or advancing their cybersecurity programs, including:

  • cybersecurity governance and risk management;
  • cybersecurity risk assessment;
  • technical controls;
  • incident response planning;
  • vendor management;
  • staff training;
  • cyber intelligence and information sharing; and
  • cyber insurance.

While many of the practices discussed in FINRA’s report are geared to large firms with sophisticated management structures, FINRA believes small firms can benefit from this report as well.

Comments: (0)

Comment on this story (membership required)

Related company news


Related blogs

Create a blog about this story (membership required)
www.currencycloud.comVisit www.vasco.com

Top topics

Most viewed Most shared
hands typing furiouslyBitcoin at 50,000 USD?
14856 views 0 | 8 tweets | 5 linkedin
BBVA tests 'invisible payments' technology at inhouse cafeBBVA tests 'invisible payments' technology...
12343 views comments | 16 tweets | 35 linkedin
RBS hatches plan to create digital challenger bankRBS hatches plan to create digital challen...
11977 views comments | 12 tweets | 23 linkedin
Barclays partners seven watch brands for contactless timepiecesBarclays partners seven watch brands for c...
10790 views comments | 14 tweets | 32 linkedin
Germany's N26 readies for US launch with EUR110 million capital injection led by Allianz and TenCentGermany's N26 readies for US launch with E...
8856 views comments | 15 tweets | 11 linkedin

Featured job

Basic c. EUR 90K OTE c. EUR 180K plus full bene...
Paris (preferred) or London

Find your next job