Cybersecurity is once again an area of top priority for the SEC and FINRA in 2017. It might be summer now, but your cybersecurity program should never take a vacation. A strong cybersecurity program is important to protect your firm and also satisfy regulators during an examination. Read our 4 ways to improve your cybersecurity program.
1) Create a written policy
If you don’t have one yet, you should. Cybersecurity has been a hot button issue for SEC since 2015. It’s time to establish a formal, written policy.
2) Test cybersecurity controls.
Test your controls. You will want to be able to produce the results of your test and document any changes you made to your policies because of those results.
3) Train your employees.
Proper cybersecurity training makes employees aware of how their actions may create risk for the firm. Also include in your training how the firm will respond to cyber security issues.
4) Review the policies of your third-party vendors.
You have a written policy. You tested it. Your employees are trained. Don’t forget your vendors. Request the security policies of your vendors and be able to document that all confidential client information is secure.
If you would like to learn more about this subject, please view our Webinar recording on 2017 SEC Examination Priorities
Subscribe to our blog to keep up to date with everything SEC FINRA
Comment below with any tips you would like to share with your peers for facing an SEC exam.