RSI Helps Broker Dealers and Financial Advisors Address FINRA Cybersecurity Checklist and Mitigate Cybersecurity Risk.
In a month’s time, broker-dealer firms from around the country will descend upon Washington, DC to attend the FINRA 2017 conference. Given the evolving threat environment and the continuing challenges of Cybersecurity controls (per FINRA’s 2017 Priorities list), it’s certain that cyber threats and mitigation efforts will be hot topics in the keynotes and workshops scheduled throughout the week.
FINRA’s Cybersecurity Checklist is an excellent resource for companies looking to establish a Cybersecurity program or augment an existing one. Whether you’re ready to deploy a solution or still need to scope out your requirements, we recommend these due-diligence steps when picking a Cybersecurity vendor.
Pick a vendor that has extensive knowledge and experience in dealing with the distinct threats and mitigation policies facing the financial sector. Assess their flexibility in designing a tailored solution for your needs that can scale with your business’s growth and (taking the hacker’s perspective) your potential attack surface.
Is the vendor on your short list responsive in following up on your initial query, and does it convey urgency and appreciation for your business? The level of concern (or lack thereof) demonstrated early on will likely mirror its responsiveness when reacting to a breach or a regulatory audit warning. Can it align your security needs within the broader context of IT support? Every proactive or reactive cyber mitigation measure informs IT response capability, and vice versa.
RSI can help you navigate today’s turbulent Cybersecurity waters and accomplish the goals cited in FINRA’s Checklist. Our security and compliance services sync 1:1 with FINRA’s security best practices and we can align with your security requirements as well.
Section 1 - Identify and Assess Risks - Inventory
Identify and analyze potential dangers or risks to a firm's business that could arise through its information technology systems.
Section 2 - Identify and Assess Risks - Minimize Use
Limit the collection of Personally Identifiable Information (PII) to the least amount necessary to conduct the firm’s mission; by doing so, the organization limits the potential negative consequences of a data breach involving PII.
Section 3 - Identify and Assess Risks - Third Party
Firms should manage Cybersecurity risk that can arise across the lifecycle of vendor relationships using a risk-based approach to vendor management.
Section 4 - Protect - Information Assets
Organizations should have robust malware incident handling capabilities to limit the damage that malware can cause and restore data and services efficiently.
Section 5 - Protect - System Assets
Identify and maintain an inventory of assets authorized to access the firm’s network and critical assets that should be accorded prioritized protection.
Section 6 - Protect - Encryption
Encryption protects the confidentiality of data by ensuring that only approved users can view the data. Other benefits include providing a means for ensuring information integrity and non-repudiation.
Section 7 - Protect - Employee Devices
Establish, implement, and actively manage the security configuration of laptops, servers, and workstations using a rigorous configuration management and change control process to prevent attackers from exploiting vulnerable services and settings.
Section 8 - Protect - Controls and Staff Training
Firms should provide cybersecurity training to determine where the skill gaps and points of risk exposure exist, and develop and deliver training in those areas.
Section 9 - Detect - Penetration Testing
Penetration testing is security testing in which assessors mimic real-world attacks to identify methods for circumventing the security features of an application, system, or network.
Section 10 - Detect - Intrusion
Organizations should deploy Intrusion Detection and Prevention Systems (IDPS) to identify possible incidents, log information about them, attempt to stop them, and report them to security administrators.
Section 11 - Response Plan
Firms should establish policies and procedures, as well as roles and responsibilities for escalating and responding to Cybersecurity incidents to limit damage, assure external stakeholders, and reduce recovery time and costs.
Section 12 - Recovery
Organizations should have policies in place to contain and eradicate cyber threats and be able to execute a rapid recovery plan in the event of a breach.
About the Author
Eric Haruki is a technology analyst with over 15 years of experience advising global category leaders such as Samsung, Panasonic, HP, & Cisco on product and brand strategy, market competitiveness, and in areas of untapped product and distribution opportunity. He has produced both syndicated and project work, delivering forecasts, SWOT analyses, road maps, and panel survey insights to research customers around the globe. Eric has contributed to major print and television press outlets and has been a featured presenter at industry conferences. He is driven to find insights through extensive market research and deliver concise and actionable solutions to vendors, leading ultimately to the development of valued downstream goods and services to end users.