February 4, 2015 - The Securities and Exchange Commission today released publications that address cybersecurity at brokerage and advisory firms and provide suggestions to investors on ways to protect their online investment accounts.
“Cybersecurity threats know no boundaries. That’s why assessing the readiness of market participants and providing investors with information on how to better protect their online investment accounts from cyber threats has been and will continue to be an important focus of the SEC,” said SEC Chair Mary Jo White. “Through our engagement with other government agencies as well as with the industry and educating the investing public, we can all work together to reduce the risk of cyber attacks.”
One publication, a Risk Alert from the SEC’s Office of Compliance Inspections and Examinations (OCIE), contains observations based on examinations of more than 100 broker-dealers and investment advisers. The examinations focused on how these firms:
- Identify cybersecurity risks
- Establish cybersecurity policies, procedures, and oversight processes
- Protect their networks and information
- Identify and address risks associated with remote access to client information, funds transfer requests, and third-party vendors
- Detect unauthorized activity
“Our examinations assessed a cross-section of the industry as a way to inform the Commission on the current state of cybersecurity preparedness,” said OCIE Director Andrew Bowden. “We hope that investors and industry participants will also benefit from what we have learned.”
The second publication, an Investor Bulletin issued by the SEC’s Office of Investor Education and Advocacy (OIEA), provides core tips to help investors safeguard their online investment accounts, including:
- Pick a “strong” password
- Use two-step verification
- Exercise caution when using public networks and wireless connections
“As investors increasingly use web-based investment accounts, it is critical that they take tical that they take steps to safeguard those accounts,” said OIEA Director Lori J. Schock. “This bulletin provides everyday investors with a set of useful tips to help protect themselves from cyber-criminals and online fraud.”