Guarding against phishing attacks, protecting mobile devices and uncovering insider threats are among the top issues facing securities firms, according to a report from the Financial Industry Regulatory Authority (FINRA) that offers firms new cybersecurity guidance.
The U.S. self-regulatory organization’s report, published Wednesday, aims to provide securities firms with a detailed review of effective information-security controls. It’s part of overall efforts to bolster cybersecurity at brokerages, particularly small dealers.
Among other things, the report covers defending phishing attacks, dealing with insider threats, implementing controls on mobile devices and adopting cybersecurity controls in branch offices. It also provides insight to firms on effectively testing those defences.
FINRA chose to focus on these areas based on its assessment of the “evolving cybersecurity threat landscape, firms’ primary challenges and the most frequent cybersecurity findings” from its compliance exams.
“Securities firms rate cybersecurity as one of their top operational risks, and our new report addresses areas that firms tend to find most challenging,” said David Kelley, surveillance director, member supervision at FINRA, in a statement.