It was apparently not enough that the SEC and FINRA made cyber-security an exam priority for 2014, but the Department of the Treasury has now focused on this pervasive issue. In recent comments, Treasury Secretary Lew has urged financial firms to step it up when protecting against cyber-attacks.
Stories of cyber-attacks are becoming so common that we are almost longing for the days of daily reports of Ponzi schemes falling apart. In the end, the potential long-term customer-related impact of cyber-attacks will outweigh any other crisis that has befallen Wall Street.
Attacks on the financial sector come from many sources, including state-sponsored groups, cyber criminals, and politically motivated hackers to name a few. The question each financial firm must ask is what they are doing to prevent cyber-attacks.
The first place to start is to critically review your IT systems, especially those that are internet facing. These systems must be audited and tested on a regular basis.
Proper focus must also be given to internal threats.
For example, are password protected systems properly restricted? What is your policy regarding the use of laptops and the information that can be stored on them?
Therapeutic neglect is no longer a solution when it comes to preventing cyber-attacks. What are you doing to prevent them? Take action, don't be a victim.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
