Need cybersecurity help for your RIA firm? The U.S. Securities and Exchange Commission (SEC) has created a number of documents containing cybersecurity guidance and other topics such as social media, email/texting and phishing.
Because of our cybersecurity service for RIAs, we’ve been able to see first-hand where RIAs tend to struggle. Below you’ll find a number of topical guides that further explain the SEC’s cybersecurity guidance and offer options and recommendations.
Nov 06, 2024 by Josh Ablett
RIAs commonly ask us for an "RIA cybersecurity policy template." Since wealth management firms vary so widely, we've found that it's challenging to create a one-size-fits-all template. Instead, we offer this Cybersecurity Policy Checklist for RIAs. This is designed to help you figure out what kinds of questions you need to answer in order to […]
Read moreOct 01, 2024 by Josh Ablett
For businesses with 10 to 300 employees, especially those in regulated sectors like financial services or healthcare, implementing the right mobile security strategy is essential. This article explores MDM cybersecurity, comparing MDM and MAM approaches, and offers practical advice for securing your mobile workforce. Mobile Security Management Overview Let's clarify MDM vs. MAM: Both MDM […]
Read moreSep 27, 2024 by Josh Ablett
One of the most common challenges we see for clients of our Virtual CISO service is how to manage the risk of using freelancers and small contracting firms. The use of freelancers and contractors is very common, especially in areas with specialized skills. We commonly see them in the form of CRM experts, financial experts, […]
Read moreAug 18, 2022 by Holly Sagstetter
As a company that works with investment advisors to improve their cybersecurity, the subject of SEC books and records retention requirements may seem a little odd. But it is a topic that comes up frequently with current clients and prospects. One area we like to focus on is cloud services security. Are your email accounts […]
Read moreMay 19, 2021 by Holly Sagstetter
Which cyberattacks could hurt your Registered Investment Advisor (RIA) Firm? The truth is, any and all cyberattacks could hurt your firm. So what can you do about it? Simply being aware is the first step, so let’s dive into the top 6 cyberattacks that could hurt or simply ruin your RIA firm. 1) RIA Cyberattacks: […]
Read moreDec 20, 2020 by Josh Ablett
Are you worried about ransomware? You should be. Ransomware is hitting companies of all sizes, sometimes with disastrous results. Many companies need to put together a specific plan for ransomware, known as a “ransomware playbook.” We think even small firms should spend some time planning what they will do if they're hit. When ransomware hits, […]
Read moreNov 30, 2020 by Josh Ablett
Banking Trojans are back, and they're nasty. Click on the wrong email, and hackers drain your firm's operating accounts. Incredibly, many of these attacks even defeat your bank's two-factor authentication. Here's a great article that explains how banking trojans bypass two-factor authentication. So what should every business do to protect yourself against banking trojans? The […]
Read moreNov 27, 2020 by Josh Ablett
Wire fraud is a huge problem for Registered Investment Advisors. Every day, criminals trick firms like yours into wiring funds out of client OR firm accounts. What is the SEC Cybersecurity Guidance on wire fraud? And what are the best practices to stop wire fraud in firms today? It’s critical that your staff identify these […]
Read moreNov 19, 2020 by Josh Ablett
As our work moves online and becomes more digital, our risks are changing. In recognition of this fact, registered investment advisors must take cybersecurity seriously. The SEC cybersecurity guidance lays out clear directions for taking cybersecurity risks seriously. And one of the biggest threats to your firm today is phishing. The SEC Cybersecurity Guidance seems […]
Read moreNov 17, 2020 by Josh Ablett
In our line of work, we hear a lot of myths and rumors. For example, some people say that Microsoft365 isn’t SEC compliant because it’s in the cloud. We have also heard some people saying the same about Google’s Google Workspace. But what does the SEC Cybersecurity Guidance say? For personalized support and expert advice, […]
Read more
