Finra Releases Cybersecurity Practices Report
Eight sections with suggested practices broker-dealers should adopt
The 46-page report is based off of a targeted examination, also known as a sweep, of an assortment of firms that looked into the types of threats firms face, the parts of firms' systems that might be susceptible to an attack, and how they're handling cybersecurity threats.
The results from the sweep mirrored that of a 2011 Finra survey where firms considered their top three cybersecurity threats: hackers, insiders compromising data and operational risks (power failures, earthquakes, etc.)
The report is broken down into eight sections, each of which includes a "Principles and Effective Practices" portion that summarizes what firms should implement to best protect themselves against cybersecurity. The sections are:
·Governance and risk management for cybersecurity
·Cybersecurity risk assessment
·Technical controls
·Incident response planning
·Vendor management
·Staff training
·Cyber intelligence and information sharing
·Cyber insurance
The report falls in line with Finra's 2015 Regulatory and Examinations Priority letter released earlier this year. The letter identified cybersecurity as one of five key areas of focus for the coming year.
"Broker-dealers face a variety of rapidly evolving cybersecurity threats, which require a well-designed and adaptable cybersecurity program," said Susan Axelrod, executive vice president for regulatory operations at Finra. "Finra is keenly focused on cybersecurity, and firms must make responding to these threats a high priority. This report builds on the insights from our recent cybersecurity sweep and highlights a series of principles and effective practices that firms can adapt to their particular circumstances."
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: http://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@waterstechnology.com
More on Regulation
Court case probes open-source licenses as movement stands at crossroads
The Software Freedom Conservancy’s lawsuit against TV-maker Vizio begins trial in California, raising questions about open-source licenses and the risks posed by adhering to them.
Waters Wavelength Podcast: Countdown to T+1
DTCC’s Val Wotton joins the podcast this week to discuss the impending move to T+1 in the US.
Consolidated tape hopefuls gear up for uncertain tender process
The bond tapes in the UK and EU are on track to be authorized in 2025. Prospective bidders for the role of provider must choose where to focus their efforts in anticipation of more regulatory clarity on the tender process.
Fighting FAIRR: Inside the bill aiming to keep AI and algos honest
The Financial Artificial Intelligence Risk Reduction Act seeks to fix a market abuse loophole by declaring that AI algorithms do not have brains.
Waters Wrap: The rise of AI washing… and regulation washing?
The SEC recently levied fines against two investment advisors over “AI washing”. Anthony takes issue with the announcement.
Prepare now for the inevitable: T+1 isn’t just a US challenge
The DTCC’s Val Wotton believes that firms around the globe should view North America’s move to T+1 as an opportunity—because it’s inevitable.
European firms prime for lopsided settlement in North America and at home
With T+1 imminent in North America and increasingly likely to traverse the Atlantic, operations and trading professionals in Europe are fighting on two fronts.
As crypto ETFs become reality, benchmark providers take center stage
The SEC’s approval of the first spot bitcoin ETFs will expose a growing number of traditional market participants to the maturing world of crypto data, a moment that some—such as CF Benchmarks, BlackRock’s benchmark provider—have been eagerly awaiting.
Most read
- Women in Technology & Data Awards 2024: All the winners and why they won
- Witad Awards 2024: Above and beyond award (vendor)—Susan Bennett, Tradeweb
- Fighting FAIRR: Inside the bill aiming to keep AI and algos honest