BROWSE BY TOPIC
Stories of Interest
- SEC Charges Additional Defendant in Fraudulent ICO Scheme
- Warren Buffett Simply Blew it on Wells Fargo Stock: Dick Bove (Video)
- Barclays and Deutsche Bank to Lag U.S. Trading Peers
- NY AG Schneiderman Seeks to Close Loophole That Could Let Trump Pardons Block State Charges
- 'Fearless Girl' is Moving to NYSE After Year Staring Down 'Charging Bull'
- What's In Your Wallet - American Express Shares Soar After Earnings Release
- Deutsche Bank's Executive Departures Continue Following Change in CEO
- Reflections of an Economist Commissioner (SEC's Piwowar)
- Billionaire HF Manager and The Fed Chair Runner-Up are Investing in New Cryptocurrency
- Court Finds 2 Brokers Liable for Fraud Involving Mortgage-Backed Securities
- One FINRA: An Organization’s Commitment to Diversity and Inclusion
- 2018 GASB Accounting Support Fee to Fund the Governmental Accounting Standards Board
- Barclays Eyes Move Into Cryptocurrency Trading
- Goldman Breaks From Wall Street Pack with Bond-Trading Boom
- Janney Montgomery Scott CEO Joins FINRA Board of Governors
- SEC Encourages Investors to Do Background Checks on Investor.gov
- The Martin Act: Wall Street Titan Takes Aim at Law That Tripped Him Up
- Bank of America’s Cost-Cutting Drive Pushes Profit to Record
- Larry Fink: Wall Street’s $6 Trillion Man Finally Worth $1Bn
- Activist Investor Wants Barclays Investment Banking Overhaul (Video)
We seek to provide information, insights and direction that may enable the Financial Community to effectively and efficiently operate in a regulatory risk-free environment by curating content from all over the web.
Stay Informed with the latest fanancialish news.
NEWSLETTERS & ALERTS
Broker-Dealer Cybersecurity - FINRA Podcast (Part 2 of 3)
In the second of a 3-part series on common cybersecurity program deficiencies, Chip Jones, FINRA’s SVP of Member Relations and Education, leads a discussion with Dave Kelley, the Surveillance Director from FINRA's KC District Office, on formalizing the oversight of a firm's cyber program and strengthening controls around access to data and systems. The podcast duration is 6-1/2 minutes.
When formalizing a cybersecurity program, firms should incorporate the following elements:
- involvement of top management including, where applicable, the board of directors;
- one person dedicated to organizing the entire program firmwide (in a small firm, that might be the CCO or an outside IT consultant); and,
- communications between the designated person and top management.
The FINRA Small Firm Cybersecurity Checklist is designed to assist small firms in establishing a cybersecurity program to:
► identify and assess cybersecurity threats, protect assets from cyber intrusions
► detect when their systems and assets have been compromised
► plan for the response when a compromise occurs
► implement a plan to recover lost, stolen or unavailable assets
To control access to a firm’s data, a firm must have answers to the following questions:
- How do people get access?
- How is access taken away when people leave the firm?
- What type of monitoring is done on an annual basis to know who has access to data?
- Is the firm’s data stored on an internal server or on a vendor’s remote server?
- Who, at the firm, has more access to firm data than anyone else, and what is the process for knowing what they’re doing at any/all times?
When it comes to password protection, ... firm’s should require longer and more complex passwords that are changed periodically. Firms should also utilize “multi-factor authentication” for people who access firm data from outside the organization.
NEXT UP - PART 3 - Vendor Management, Branch Controls, Data Protection.
[Click here to access PART 1 OF 3]