FINRA expects firms to consider sound principles and effective practices as they develop or enhance their cybersecurity programs. In developing an effective cybersecurity program, best practices include written policies and procedures that cover:
- defining a governance framework to support decision making based on risk appetite;
- ensuring active senior management, and as appropriate to the firm, board-level engagement with cybersecurity issues;
- identifying frameworks and standards to address cybersecurity;
- using metrics and thresholds to inform governance processes;
- dedicating resources to achieve the desired risk posture; and
- performing a cybersecurity risk assessment.
Compliance Advisers can prepare customized Cybersecurity Written Supervisory Procedures (WSPs) to protect your firm against the devastating effects of a cyber attack AND meet FINRA requirements.
We also conduct full, comprehensive Cybersecurity Risk Assessments to help firms identify and analyze potential dangers or risks to their business that could arise through their information technology systems. In the case of broker-dealers, such risks could include the compromise of customer or firm confidential information, the misuse of customer funds or securities resulting in potential financial losses for the firm or its clients, and the theft of proprietary trading algorithms, as well as adverse reputational impacts for the firm.
See Cyber Security—“Trouble Times Two” for Securities Industry Firms by Karen Steighner
Contact us for a quote and/or information about customized Cybersecurity Written Policies and Procedures or to arrange a full, comprehensive Cybersecurity Risk Assessment conducted for your Firm today!