Author: Allison Lovett, Vice President, Content Manager, NICSA

Cyber is number one on the corporate risk dashboard across the globe

NICSA recently hosted several data security experts from Multifonds, Invesco, and the FBI to talk about the current landscape of cyber threats within financial services.   We talked about phishing, ransomware, and email compromises that top the list of the biggest risks facing asset managers today.

There are two types of companies: those that have had a breach and know it, and those that have had a breach and don’t know it

With evolving applications of technology within the asset management industry—from mobile applications, to artificial intelligence and blockchain technology—data protection has become a moving target. The rise of cloud computing and automation has resulted in some level of reduction in the operational knowledge of our cyber environment and, as a result, security priorities are shifting. The asset management industry must recognize that cyber security not only focuses on client data, but also includes the protection of capital and intellectual property. So where are firms committing their cyber budgets? Once a firm can aptly identify its “crown jewel assets” it can focus its budget on those particular threats. Intelligence and analytics are key.

“Man in the middle” threat actors who intercede and redirect payments are a big concern for the industry, as is shoring up legacy systems that may have chinks in the armor against cyber attacks. In the age of the Internet of Things, a rush to technology (with security as a secondary consideration) is a concern for authorities and executives alike. The increased reliance on technology and third parties across the industry brings to light a series of due diligence issues wherein authentication and access controls are essential.

The first time you speak to authorities shouldn’t be when you’re in the midst of a cyber attack

Given the policy landscape, the emerging risks to businesses, and the evolving role of technology professionals within the asset management industry, we reflected on the most important things that firms can be doing today to safeguard data and protect against security. The big ticket items? Knowing the environment; proactively reaching out to local FBI offices; and earnestly preparing for a security breach. Our panel recommended building a cyber security program that fits the organization, aligns with major public policies, and is built with the expectation that a regulator will walk through the door tomorrow. This can only be done by gaining visibility into a corporation’s most important data assets and taking stock of current risk assessments.

A collective view of our panel was that the industry mustn’t lose sight of the fundamentals. Listeners were urged to “get a seat at the table” as companies adopt new technologies, rather than playing security catch up after the fact.

Our thanks go out to ALFI for hosting the webinar, and to our line-up of knowledgeable panelists who provided diverse perspectives on these important issues and engaged participants in an informed discussion. Please share this post with a colleague who may have missed the event. See you at the next #WebinarWednesday!

NICSA: 8400 Westpark Drive, 2nd Floor McLean, VA 22102 • Tel: 508.485.1500 • Fax: 508.485.1560