×

Cyber Breaches Threaten Financial Firms

BLOOMFIELD, N.J., April 2, 2015 (GLOBE NEWSWIRE) -- Cybersecurity expert and independent technology consultant Brian Edelman spoke on a panel with some of the industry's top security experts about cybersecurity at the 2015 T3 Advisor Conference. Edelman, who is also the founder and CEO of an IT solutions firm called Financial Computer, provided steps financial advisors and insurance agents can take to better protect their organizations from security breaches; Edelman also discussed the architecture necessary for effective threat detection and response. Held in Dallas, TX the conference took place on Wednesday, February 11th through Friday, February 13th.

According to the panel, many investment advisory firms are required to implement an Identity Theft Protection Plan (ITPP) under Regulation S-ID. Those not required to do so should still consider implementing an ITPP as a best practice and consider all applicable state laws. THE TWO-HEADED SNAKE "Here's the scary thing," Edelman said. "A number of naïve financial professionals are going to get caught in a snare. Not only are there SEC and FINRA mandates to meet but the Sarbanes–Oxley Act (SOX) could turn out to be a two-headed snake, especially when it comes to data security and information breaches. Financial firms need to do more than just think about keeping client data and business information safe – they need to take action now." While SOX was an act passed by U.S. Congress in 2002 to protect investors from the possibility of fraudulent accounting activities by corporations, it has direct applications to cybersecurity and regulatory compliance for financial firms. It is management's responsibility to maintain a sound internal-control structure for data security and to assess its own effectiveness. It is the auditors' responsibility to attest to the soundness of management's assessment and report on the state of the overall data security system. Edelman urged financial firms to update their operations manuals, revise personnel policies, and record control processes.

"One way to ensure that you have a sound control process is to do a complete security assessment," Edelman said. He added that his firm offers a free cybersecurity checklist, which can serve as a quick assessment and awareness building exercise for firm principles. Companies who are serious about protecting their firms may engage Financial Computer, Inc. to conduct a complete security assessment.

PERSONAL ASSETS AT RISK

"The auditor is expected to assess the documentation of controls and procedures as well as how competently employees perform the control activities for which they are responsible," Edelman said. "Sadly, many unsuspecting people, including lower level employees, have been signing off on the firm's data security documents. My team and I have seen too many instances where employees have been merely glancing at the documents in question or blindly assuming that just because their technology was 'in the cloud' or provided by a bigger firm that all of their bases where covered. That lack of attention and naivety leaves the company susceptible to both reputation and financial risks. In addition, the unsuspecting employees are actually at risk – SOX does not protect personal assets in the event of litigation. This means the employee could actually lose their home." While at the T3 conference Edelman — who is known for providing comprehensive consulting and professional services that help organizations to define security strategies and implement solutions to mitigate risk, ensure compliance, and accelerate business objectives — also recorded a series of data security videos that contain additional information and advice. The conference panel gave financial advisors the information they need to keep themselves secure against cyber-attacks. Speakers on the panel included William French, Vice President of Risk Management at Fidelity Investments; Sid Yenamandra, CEO of Entreda; Bill Winterberg, producer of the information portal for financial services firms called fpPad; and Brian Edelman, founder and CEO of Financial Computer, Inc.

ABOUT BRIAN EDELMAN

Brian is an Independent Technology Advisor and CEO of Financial Computer. A nationally recognized cybersecurity expert, Brian founded Financial Computer in 1995 and is committed to keeping his clients' information safe. To learn more, visit: www.financialcomputer.com or call 888-434-6443.

CONTACT: Jessica Taylor Impact Communications, Inc. 800-974-7753 JessicaTaylor@ImpactCommunications.org

Source: Financial Computer