Data breaches have become so common that
financial advisers cannot afford to remain uninformed
Mar 8, 2019 @ 10:29 am
By Sid Yenamandra
Cybersecurity articles are notoriously
unpopular with financial advisers compared with other industry news, unless
it's something drastic like Voya's recent slip-up exposing advisers' Social Security
numbers on its website.
When it comes to financial technology, advisers
are more likely to peruse something like T3's 2019 Software Survey than
they are to learn about how cybersecurity best practices can save them from
costly damages tied to data breaches.
I don't think this is about boredom. Based on
conversations with advisers and wealth management executives, I've come up with
five reasons why you are not reading this cybersecurity article. Those reasons might
surprise you, and spark positive action.
1. You trust yourself, your third-party vendors and
in-house staff to be careful. Chances are you have discussed cybersecurity threats and written
cybersecurity policies adhering to Securities and Exchange
Commission or Financial Industry Regulatory
Authority Inc. regulations. But without learning about real
safeguards — like comprehensive automated tracking, logging and remediation
technology — all you have is hope.
2. You have not suffered a data breach nor
been fined over one. Why spend time
and money on something that has not been a problem? That's like saying because
you've never been fined by the IRS, you refuse to learn about tax obligations
or because you've never suffered a major illness, you refuse to learn how to
stay healthy. Learning how to prevent problems is more effective than learning
how to fix problems.
3. You suffered a data breach despite taking
precautions. Advisers who have been
there may feel that cybersecurity does not work since data breaches are
inevitable. But some breaches are much worse than others, and the worst ones
are often preventable. And there is a difference between suffering one minor
breach and several major breaches. It's always better to discover how to
minimize threats.
4. You have errors and omissions or liability
insurance. Advisers who can
recoup the cost of data breaches that occur due to mistakes or malfeasance have
good reason to rest easier than advisers who lack insurance. However, insurance
cannot restore reputational damage stemming from a breach that influences
clients, prospects and talented staff to look elsewhere. Plus, unless your
policy is designed specifically for cybersecurity, you likely are not as
well-covered as you think.
5. You are ignoring the issue. We all know advisers who simply do not want to
think about cybersecurity. Maybe they do not consider themselves to be
tech-savvy, they find the subject frightening or they hope to exit the business
before they suffer a data breach. If you fall into one of these camps, you are
wishing the problem away, advice you would never give a client. Instead, you
would tell them to prepare for the challenge.
Learning how to protect your business requires
you to explore new fields, including those that lie outside your comfort zone.
Data breaches have become so common that financial advisers cannot afford to
remain uninformed about them. When it comes to cybersecurity, the best place to
start is by reading the news.
Sid
Yenamandra is the co-founder and CEO of Entreda, which
provides comprehensive cybersecurity solutions for independent retail financial
advice firms and their advisers.
No comments:
Post a Comment