As more communication is conducted over mobile devices, mobile security is becoming another area where special attention should be paid. A recent report by Wandera highlighted several security risks for financial services organizations through the use of mobile devices. These include phishing, with financial services firms experiencing more phishing attacks compared to other sectors (57% compared to 42% cross-industry), and man-in-the-middle attacks, which occurs when traffic from one device is intercepted, and then unknowingly read and possibly altered, before reaching its intended recipient. Man-in-the-middle attacks happen frequently through the use of risky hotspots and public Wi-Fi networks, so avoiding unknown networks is a good way to minimize this risk. Finally, a basic step that can prevent the release of valuable data, but is often overlooked by one in twenty financial services employees, is enabling a simple lock screen on devices.
Perform Vulnerability Tests
Once written response procedures are established in the event of a breach, regular tests of these procedures can help refine and adjust processes and systems as needed. Along with the tests provided by the SEC, firms must perform their own consistent testing for vulnerabilities. Be prepared to fix the problems that are revealed through these tests. Using real-life scenarios also helps engage employees in cybersecurity protocols.
Prioritizing Cybersecurity
Security breaches and risks continue to be a pressing issue for the financial services industry. With a formal cybersecurity strategy in place that incorporates the four factors outlined here, financial advisors and firms can be better prepared to respond to threats.
Christopher Crawford is the Director of Advisor Relationships at Buffalo Funds, a Mission, Kansas-based asset manager with 10 actively-managed, no-load mutual funds.