Large brokerages typically have more established procedures and technology in place to prevent hacking, Rivela said. But even their employees can be duped. For example, firms have been facing a rash of incidents in which scam artists pose as customers and make wire transfer requests. Finra has disciplined numerous sales assistants who transferred funds without first verifying those requests with the actual customers.
Educating employees about scams is a key step, said Rocco Grillo, who heads a global information security unit at Protiviti, a division of California-based Robert Half, in an interview.
Other security threats include "phishing" emails that purport to be from clients and ask for personal data, as well as fake wireless hot spots that scam artists set up in public spaces to invade firms' systems, Grillo said.
Some companies hold employees accountable for information security breaches by withholding bonuses or even firing them, Grillo said.