Cybersecurity Awareness Month – a focus for asset managers

      Cybersecurity Awareness Month occurs each October and is a collaboration between government and private industry, designed to promote the importance of staying safe and secure online.

      Cyber security statistics

      The most recent cyber security statistics reflect the significant material impact that a cyber breach can have on your business and are a call to action to firms that have yet to implement a cyber security program to mitigate risks:

      • it is estimated that cyber crime costs the world over US$6trillion in 2021
      • 60% of mid-size businesses go out of business within six months of a security breach
      • 95% of cyber security breaches are caused by human error
      • stolen credentials cause 61% of security and data breaches
      • there is a material shortage of cyber security professionals worldwide
      • remote working has had a costly effect on data breaches.

      High-profile data breach court cases

      The scale of the issue is further highlighted by several recent high-profile court cases, where Chief Investment Officers (CIOs) are currently on trial for failing to follow appropriate procedures after their firms were hacked. Their alleged actions have exposed their firms to regulatory investigations and fines, and potential lawsuits from shareholders. No firm is immune, a review of the key data breaches so far in 2022 includes some of the world’s most well-known organizations.

      Cyber security an increasing focus for financial regulators

      Cyber security is an increasing focus for regulators wanting to ensure that asset managers have adequate and appropriate controls and processes in place to mitigate and prevent cyber security breaches. Across the globe, governments and regulators are increasingly taking note and beginning the implementation of more stringent regulation and laws.

      The SEC, following other US agencies, proposed its set of rules earlier this year. While the final rules are yet to be announced, the industry does not expect them to differ significantly to those that are already in place under similar agencies such as FINRA’s cyber security rules.

      For asset managers, managing their cyber security risk is almost important as managing their investment strategies, as failure in either can signal the collapse of reputation and business success.

      What are the next steps for asset managers worldwide?

      Some steps asset managers can take to mitigate cyber security risk include:

      • asset managers must gain a clear understanding of the cyber security regulations that currently apply to them and what proposed regulations are forthcoming
      • it is recommended that asset managers invite an independent cyber security advisor to assess, review and test their current level of cyber security to ensure that a robust, adequate and appropriate cyber security solution is in place.

      If you would like to find out more about how Waystone Compliance Solutions’ team of dedicated cyber security advisors can help you with your specific requirements, please contact us.

      Previous post Next post
      Share

      More like this

      Cyber Risk in the Middle East – How secure is your firm and its ecosystem?

      Cyber-attacks are the unauthorised exploitation of systems, networks and technologies and they have been a high-risk item on companies' agendas…
      Read more

      eComms compliance – the SEC continues its scrutiny and issues substantial fines

      In September 2021, the SEC began its focus on how banks were monitoring, archiving and safeguarding business-related eComms being undertaken…
      Read more

      What role should NEDs play in cybersecurity?

      Waystone Compliance Solutions’ Chief Information Security Officer, Conor Flynn, was recently featured in an Assured article where he provided insight…
      Read more

      Building your cyber security foundation

      At Waystone Cyber Security Solutions we believe that as you grow your firm it should be built on a strong…
      Read more

      SEC Fines Firm $35 Million for Failure to Protect Client Data

      On September 20, 2022, the U.S. Securities and Exchange Commission (“SEC”) fined Morgan Stanley Smith Barney for their purported failure…
      Read more

      Securing sensitive employee data – recommended HR policies and procedures

      The onboarding and offboarding of employees is not a subject that we often think about in terms of information security.…
      Read more