Building your cyber security foundation - Waystone

      Building your cyber security foundation

      At Waystone Cyber Security Solutions we believe that as you grow your firm it should be built on a strong foundation of information security.

      The financial services industry is a significant target for cyber criminals, perhaps second only to the federal government. Creating a robust cyber security program that incorporates technology professionals and processes as early as possible in the lifecycle of a firm is essential to ensure that good practices and habits are created and embedded from a firm’s inception.

      Actions you can take to mitigate your cyber security risk

      It’s no longer a matter of ‘if’ you will be attacked but ‘when’, and of assessing what the scope of the damage may be. To mitigate your cyber security risks, there are a number of actions you can take now:

      • build your cybersecurity foundation on regular technology risk assessments, carried out on at least a biennial basis.
      • create robust written information security policies and review them on an annual basis.
      • conduct annual cyber security training and run phishing campaigns for all staff.
      • ensure that the business, and not only IT, tests your backups and recovery strategy on a regular basis.
      • conduct executive-level, tabletop, cyber security exercises across all aspects of the business as well as an IT-focused exercise.
      • scan your perimeter weekly for vulnerabilities and ensure that a third party carries out a scan of your internal networks to ensure patches are being applied correctly.
      • ask questions of your vendors about their cyber security program and conduct diligence as necessary.
      • ensure your office premises are physically inspected for security; implement a ‘clean desk policy’ and lock individual office doors when not in use.
      • for PE firms, conduct portfolio company oversight and ensure that portcos report regularly on cybersecurity.

      If you would like to find out more about how our team of dedicated cyber security advisors can help you with your specific requirements, please contact us.
