BreachExchange mailing list archives
Cyber breaches rare among U.S. state-registered investment advisers - study
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 10 Sep 2014 19:45:43 -0600
https://finance.yahoo.com/news/cyber-breaches-rare-among-u-182255926.html Cyber security breaches are rare among investment advisory firms registered with U.S. states, but improvements to technology and procedures could still bolster protection of client information, state securities regulators said on Wednesday. Just 4 percent of advisers reported having a "cyber security incident" during the years in which they have been registered in their respective states, according to a study by the North American Securities Administrators Association (NASAA). The incidents were as diverse as website breaches and hackers impersonating clients via email. Theft and unauthorized use of confidential data were problems for 1 percent of advisers, NASAA said. The study did find problems, however. For example, nearly a third of advisers that contact clients via email do not send messages through a secure system that prevents them from being read by hackers and other third parties. Also, fewer than half of the firms surveyed, or 44 percent, had policies, procedures and training in place related to cyber security. State-registered investment advisers account for more than half of the registered investment advisers in the United States, NASAA said. The group released the cyber-security study on Wednesday at its annual conference in Indianapolis. Financial services firms have been jittery about information security after several high-profile data breaches at major retailers, including Target Corp (TGT.N) and Home Depot Inc. (HD.N) JPMorgan Chase & Co (JPM.N) is also investigating a possible cyber attack, a spokeswoman said on Aug. 29. [ID:nL1N0QY0S7] NASAA's study included 440 state-registered investment advisory firms in nine states. U.S. state securities regulators oversee small and mid-sized investment advisers who manage up to $100 million. Larger investment advisers register with the U.S. Securities and Exchange Commission. Other states are now using NASAA's pilot study to collect information from advisers in their jurisdictions. NASAA plans to develop guidance for advisers about cyber security practices based on the results, Valerie Mirko, NASAA deputy general counsel, said in a telephone interview. NASAA expects the additional results by yearend, Mirko said.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- Cyber breaches rare among U.S. state-registered investment advisers - study Audrey McNeil (Sep 17)