Who’s responsible for cybersecurity: The adviser or the firm?

Q: All we keep hearing about at my firm is “cybersecurity.” I get what I’m supposed to do: Don’t click on strange links in e-mails. Watch out for phishing attempts. Verify distribution requests with my clients verbally. Beyond that, isn’t it the firm’s responsibility to make sure its systems are buttoned up?

A: Actually, the measures you’re taking aren’t the only ones that you personally need to worry about when it comes to cybersecurity.

If you work from home, is your modem secure? If you’re working remotely from a coffee shop, is the Wi-Fi allowing hackers to access your laptop? Do you save your passwords on your smartphone in an unencrypted file? Do you use the same password for different accounts? And have you failed to speak to your clients about how they’re keeping their financial information secure?

Cybersecurity
Monitors display the status of the Sembcorp Industries Ltd. Global Asset Management System (GAMS) at the company's Technology and Innovation Center on Jurong Island in Singapore, on Friday, March 31, 2017. GAMS enables the mangement of Sembcorp's utilitiy facilities around the world through advanced data analytics for process optimisation, troubleshooting and predictive maintenance. Photographer: Ore Huiying/Bloomberg
Ore Huiying/Bloomberg

These are just a few of the additional questions you should be asking yourself.

It might help to re-think your attitude about cybersecurity. Treating it as your firm’s responsibility, not yours, is surest way to undermine your firm’s security (cyber- or otherwise).

The number and frequency of attacks continue to grow, putting your clients’ money at risk (not to mention your firm’s).

Broker-dealers that get hit with cyberattacks not only lose money as a direct result of the incursions, but also lose clients when their reputations take a hit — sometimes at a greater cost than the immediate loss from the financial breach. And if your firm loses clients, you can bet that you’re losing clients —and income — as well.

So if you can’t get on board for the sake of your employer and you’re not concerned about your clients losing money, then at least do it for the sake of your own pocketbook.

Amid a broad deregulatory push, industry watchdogs are seeking to lower barriers that now limit many alternative investment products to so-called accredited investors.

2h ago
5 Min Read
Business man looking at keyhole with bright cityscape concept

The impact of President Trump's push against diversity, equity and inclusion programs at the SEC remains murky, according to a watchdog report.

2h ago
8 Min Read
The logo of the U.S. Securities and Exchange Commission is displayed outside the agency's headquarters in Washington, D.C.

The self-assessment model is targeted at developing advisors' skills and encouraging client connections across all career stages.

3h ago
3 Min Read
Emotional intelligence (EQ) word cloud

For reprint and licensing requests for this article, click here.
Cyber security Compliance Technology Practice management
MORE FROM FINANCIAL PLANNING