It is natural to want to help clients who need an immediate response. But given the complexity of today's attacks, small firms need procedures for validating email and telephone requests for wire transfers, and for identifying and confirming clients. Scammers use publicly available information to build credible back stories and build trust. What seemed like validation overkill 10 years ago is now mandatory as the amount of publicly available information on every one of us increases.
Invest Appropriately For Cybersecurity
Though many small RIAs fall short when budgeting for cybersecurity, others spend without really understanding what types of protection they are—and are not—buying.
Cybersecurity protection need not be prohibitively expensive. Owners of small RIAs should consider cybersecurity as a centralized framework for organizing the technology needed for daily business. This includes everything from email, file sharing and Office suite, to back ups, archiving and security. A good rule of thumb to follow for estimating the costs of a proper technology environment that includes cybersecurity is roughly $200-$350 per person per month, depending on factors.
It is naive to think that cyberthieves will bypass small RIAs in favor of large firms with bigger payouts but tighter controls. In the majority of cases, the smaller firm delivers an easier potential payday. RIA owners who may have neglected their cyber protocols until this point should invest in moving forward with the basics not only for compliance's sake, but for the sake of their livelihoods.
Wes Stillman is CEO of RightSize Solutions, a provider of intelligent cloud technology and business management solutions for advisors. He can be reached at [email protected].