BreachExchange mailing list archives

Brokerage Firms Most Worried About Hackers and Rogue Employees, Finra Report Says


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 3 Feb 2015 19:07:31 -0700

http://dealbook.nytimes.com/2015/02/03/brokerage-firms-most-worried-about-hackers-and-rogue-employees-finra-report-says/

The destructive cyberattack on Sony Pictures Entertainment last fall that
federal authorities linked to the North Korean government raised alarm
bells about the hacking threat posed by foreign governments. But brokerage
firms based in the United States remain most concerned about an attack
carried out by a loose band of hackers or employees with a grudge.

A report released on Tuesday by the Financial Industry Regulatory
Authority, the industry’s self-regulatory organization, said a survey of
about 20 brokerage firms found the threat of an online attack by a nation or
a terrorist group ranked near the bottom of the industry’s concerns.

Concerns about state-sponsored attacks were highest at big investment
banks. But few of the largest firms surveyed by Finra put such attacks at
the top of their list.

All the firms said they had little concern about a hack carried out by a
competitor.

The results of the survey were included in a Finra report that focused on
best practices that brokerage firms should enact to prevent serious attacks
that can compromise customer personal and financial information. The
organization conducted the survey last year to gain a better understanding
of what brokerage firms, both large and small, are doing to guard against a
serious attack.

In another sign of just how important the threat of an attack has become
for the financial services industry, the Securities and Exchange Commission
issued its own report on Tuesday that examined how prepared Wall Street
investment banks and brokerage firms are to repel hackers bent on accessing
their digital networks. The S.E.C. examination of more than 100 registered
firms found that the overwhelming majority of them “have been the subject
of a cyber-related incident.”

The most common attacks involved hackers introducing malware into a firm’s
network or the use of fraudulent emails seeking to persuade brokers to
improperly transfer a client’s money.

The Finra report recommended that all brokerage firms assess their security
as well as review the safeguards put in place by the vendors they employed.
These reviews should focus on things like data encryption, the number of
employees who have access to a network, the frequency of software patches
and updates, the security of data storage facilities and measures taken to
secure wireless and mobile systems.

The report said about 80 percent of firms surveyed already conduct some
form of periodic security self-assessment. But the regulatory agency said
it was “concerned that the remaining firms either had no program in place
or were in the nascent stages of establishing a program.”

The report does not identify the firms that Finra surveyed. From time to
time, the group conducts so-called sweep investigations or surveys of a
select group of brokerage firms that are supposed to represent a
cross-section of the large and small firms the regulatory agency oversees.

“Firms must make responding to these threats a high priority,” Susan F.
Axelrod, Finra’s executive vice president for regulatory operations, said
in a prepared statement.

Finra also recommended that brokerage firms institute strict measures to
restrict who at a firm can get access to sensitive “systems and data.” The
report also recommended that firms put in place a plan for quickly
terminating employees’ and vendors’ ability to access a particular system
when it was no longer relevant to their particular job.

Better safeguards on employee and vendor access to a firm’s network are
one way to prevent a hack being conducted by a company insider.

The report also highlights the need for financial services firms to better
coordinate their efforts and share information about potential threats and
attacks. Finra is echoing a point increasingly made by federal authorities
about the need for companies to work more closely with government
authorities and each other to thwart increasingly sophisticated hacks.

“Finra believes that the security industry can be more effective in
advancing cybersecurity for the community as a whole when it engages in
collaborative self-defense,” the report said. “To that end, Finra urges
firms to revisit their hesitancy to participate in information sharing
bodies.”
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 