Tag Archives: cybercrime

SEC “Cybersecurity is one of the greatest risks facing the Financial Services Industry”

SEC

Mary Jo White, Chair of the U.S. Securities and Exchange Commission (SEC), delivered a Keynote Address Investment Company Institute 2016 General Meeting in Washington, DC on the 20th May

The Commission is the primary regulator of the mutual fund industry which is comprised of 8,131 mutual funds with approximately $15 trillion in assets held by 54 million U.S. households as of March 2016.

White advised that the current and future health of the markets and the financial security of investors depend on the success of both its regulatory efforts and how well the industry participants do their jobs as fiduciaries and responsible leaders of the marketplace.

She highlighted 3 significant areas of regulation for the asset management industry:

  • controls on conflicts of interest;
  • a robust registration, reporting and disclosure regime; and
  • controls on specific fund portfolio composition risks and operational risks

Looking to the future, White highlighted disclosure effectiveness and ETFs as key areas of focus for the SEC. She also highlighted a number of areas where the sector must take the lead.

White believes a key challenge for the industry is the risk in using technology and service providers. She stressed the importance of firms ensuring that a fund is adequately prepared to promptly and effectively respond to risks that may be triggered by service providers and its own use of technology, including implementing alternative and reliable means to satisfy the fund’s regulatory requirements.

Cybersecurity is a particularly critical element of this challenge – as I have said before, cybersecurity is one of the greatest risks facing the financial services industry.  Cyber risks can produce far-reaching impacts, and robust and responsible safeguards for funds and for their investors must be maintained”.

The Commission has been very active in drawing attention to the issue and examining and enforcing the rules it oversees in respect of cybersecurity. Its regulatory efforts are focused primarily on ensuring that our registered entities have policies and procedures to address the risks posed to systems and data by cyber-attacks.

While no one can prevent all disruptions from cybersecurity events, you should consider the full range of cybersecurity risks to your funds and consider appropriate tools and procedures to prevent breaches, detect attacks and limit harm”.

BRG recently undertook a Cybersecurity Preparedness Benchmark Study. The study examined six main areas:

  • Leadership
  • Information Governance
  • Risk Management
  • Essential Protection
  • Incident Response and
  • Security Culture

For financial services, BRG partnered with the Institute of Operational Risk.

The results of the Benchmark will be released shortly.

For further information, please contact:

USA:                      Faisal Amin         famin@thinkbrg.com

UK/EMEA            Tony Moroney  tmoroney@thinkbrg.com

The views and opinions expressed in this article are those of the authors and do not necessarily reflect the opinions, position, or policy of Berkeley Research Group, LLC or its other employees and affiliates.

65% of UK large businesses experience a cybersecurity breach / attack

BRG cyber securityIpsos MORI and its partner, the Institute of Criminal Justice Studies (ICJS) at the University of Portsmouth, were commissioned by the UK Government’s National Cyber Security Programme to survey UK businesses on their approach to cyber security and the costs they have incurred from cyber security breaches.

The Cyber Security Breaches Survey found that 65% of large businesses experienced a cybersecurity breach or attack in the past year with 25% of these experiencing a breach once a month.

The most common attacks detected (68%), involved viruses, spyware or malware. Key areas for improvement included incident response and staff training.

Ed Vaizey, Minister of State for Culture and the Digital Economy said: “We see a steady stream of breaches and attacks on firms which assume they are on top of security, but still haven’t got a good understanding of the possible impact on their business or what they should do about it”.

Results from the survey are being released alongside the Government’s Cyber Governance Health Check (launched following the TalkTalk cybersecurity attack); the Health Check found that almost half of the top FTSE 350 businesses regarded cybersecurity attacks as the biggest threat to their business when compared with other key risks – up from 29 per cent in 2014.

BRG recently undertook its own Cybersecurity Preparedness Benchmark Study. The study examined six main areas:

  • Leadership
  • Information Governance
  • Risk Management
  • Essential Protection
  • Incident Response and
  • Security Culture

For financial services, BRG partnered with the Institute of Operational Risk.

The results of the Benchmark will be released shortly. For further information, please contact:

USA:                      Faisal Amin

UK/EMEA            Tony Moroney

The views and opinions expressed in this article are those of the authors and do not necessarily reflect the opinions, position, or policy of Berkeley Research Group, LLC or its other employees and affiliates.

Cyber-security : Are you prepared?

by Michael Champion, Management Consultant, BRG mchampion@thinkbrg

 

It is just under a month and a half into 2016, and we already have over 60 confirmed data breaches exposing over 1.4 million personal information records[1]. And this is only considering personal information leaks, not breaches in which the target is intellectual property. It is no longer the mind-set of companies to think ‘Have we been breached?’ but rather ‘When were we breached, and did we catch it and resolve it?’ So now is it time for organisations to become aware of their own security? Continue reading Cyber-security : Are you prepared?

Protecting yourself: The secure connection

by Michael Champion, Berkeley Research Group mchampion@thinkbrg.com

I’d like you to ask yourself a few questions. How many times a day do you access a website? Now, for how many of those do you have to enter a password? For how many other websites does that user name and password work? And of those, how many times did you check that the website was secure? Continue reading Protecting yourself: The secure connection

Phishing for the Holidays

by Michael  Champion,  mchampion@thinkbrg.com

It’s holiday season once again. And once again countless shoppers will turn to online stores to avoid the holiday madness within stores—and for convenience. By shopping online we increase the time we are online searching for that perfect gift, confirming orders placed, going through social media making sure the recipient doesn’t already have the gift so carefully selected, and going frantic to make sure we didn’t skip anyone. This situation creates the perfect opportunity for one of the more common hacking techniques in use today: phishing. Continue reading Phishing for the Holidays

Target faces up to $10 billion compensation bill to data theft victims

Approval has been given for over 100 million victims of data theft in 2013 from retail giant Target to claim compensation of up to $10,000 each.

The class action lawsuit brought by the victims effectively caps the potential compensation bill at $10 billion. Continue reading Target faces up to $10 billion compensation bill to data theft victims