- November 17, 2020
- Posted by: Pat Riot
- Category: Finance
What’s one thing investment advisors and hackers have in common? They both use emails to transfer information and they use it every day. The contents of said emails may be drastically different, however, one thing remains true. Phishing attacks to this day are still the most common attack method on the financial industry for one reason and one reason only: They still work. Employees lack the training and knowledge of the threats out there and firms aren’t equipping their employees with the necessary tools to succeed. Data breaches can happen anywhere, at any time. In 2018, Des Monies advisors were charged by the SEC for over $1,000,000 for failing to follow basic cybersecurity polices & procedures which ended up compromising thousands of client’s personal information. As our “workplace identity” continues to shift, cybercriminals will try to take advantage of the confusion. Phishing attacks are a widely used method by hackers to extract various credentials and/or information to gain access into a firms’ network and obtain sensitive data.
Investment Advisors collect massive amounts of personal & financial data from clients. That data is essential for a firm to make necessary advising decisions & planning. In today’s world that information is typically sent via email from client to advisor. Making it essential that firms provide their advisors with a simple yet effective method of securely sending and/or receiving emails that contain sensitive information. Most firms today are using third-party email services like Outlook or Google. It is imperative for firms to utilize all privacy & protection tools provided to them. Chose an email vendor that offers comprehensive and easy to use email encryption features to secure your line of communication. Encrypting an email means a lock is put on the message and the receiver is the only one with the key to open and see said message. Allowing all data to be sent and managed securely & privately between advisor and client. Most email providers offer an encryption feature; however, it typically goes overlooked. Putting encryptions onto all emails & SMS can dramatically increase the cybersecurity maturity of any advising firm.
If you plan to continue using emails to transfer information, then it would be wise to plan on protecting the data in them. Here, at Steel Patriot Partners we have created a plan specifically for RIA’s & PWA’s that offers comprehensive information security polices, protocols, and procedures based around industry leading security frameworks provided by the SEC, DoD, and NIST to protect and defend your client’s data. For more information on how your firm can take the next steps in enhancing their security maturity please give us a follow on social media (Facebook, Twitter, LinkedIn), send us an email, give us a call at 703-297-4405 or contact us directly! Regardless of the method you choose, we look forward to hearing from you and are excited to help!