Home SCC encourages Virginians to talk to financial professionals about cyber security
Local

SCC encourages Virginians to talk to financial professionals about cyber security

Contributors

economic-forecast-headerWith organized cyber-attacks against financial institutions on the rise, the State Corporation Commission (SCC) reminds investors of the importance of protecting the personal information they share with financial professionals.

“The increasing reliance on technology in our daily lives could leave our sensitive financial information more vulnerable to unwanted viewing or theft without proper safeguards in place,” said Ron Thomas, director of the SCC’s Division of Securities and Retail Franchising. “Ask questions to determine a financial firm’s level of cybersecurity preparedness. Talk to your investment professionals about the steps their firms are taking to safeguard personal client information,” he said.

Thomas suggests asking the following questions:

  • Has the firm addressed which cybersecurity threats and vulnerabilities may impact its business?
  • Does the firm have written policies, procedures, or training programs in place regarding safeguarding clients’ personal information?
  • Does the firm maintain insurance coverage for cybersecurity breaches?
  • Has the firm engaged an outside consultant to provide cybersecurity services?
  • Does the firm have confidentiality agreements with any third-party service providers with access to the firm’s information technology systems?
  • Has the firm ever experienced a cybersecurity incident that resulted in theft, loss, unauthorized exposure, use of, or access to customer information? If so, what steps has the firm taken to close any gaps in its cybersecurity infrastructure?
  • Does the firm use safeguards such as encryption, antivirus, and anti-malware programs?
  • Does the firm contact clients via email or other electronic messaging? If so, does it use secure email and procedures to authenticate client instructions received via email or electronic messaging to reduce the chance of someone impersonating a client?

In September 2014, the North American Securities Administrators Association (NASAA), of which the SCC is a member, reported that 62 percent of state-registered investment adviser firms participating in a NASAA pilot survey had undergone a cybersecurity risk assessment, and 77 percent had established policies and procedures related to technology or cybersecurity.

For more information, contact the SCC’s Division of Securities and Retail Franchising toll-free in Virginia at 1-800-552-7945 or in Richmond at (804) 371-9051 or e-mail the division at [email protected]. Additional information may also be found on the Securities Division’s website at www.scc.virginia.gov/srf or the NASAA website at www.nasaa.org.External Link logo

Contributors

Contributors

Have a guest column, letter to the editor, story idea or a news tip? Email editor Chris Graham at [email protected]. Subscribe to AFP podcasts on Apple PodcastsSpotifyPandora and YouTube.