X

FINRA Recommends Strengthening Cybersecurity Controls

FINRA recommended measures to strengthen cybersecurity controls to address increased vulnerability to attacks during the COVID-19 pandemic.

In an Information Notice, FINRA urged members to:

  • ensure a secure office and home network by (i) using a Virtual Private Network ("VPN") to access their firm's "work environment," (ii) using a stringent security protocol for a secure Wi-Fi connection, (iii) continually applying software updates, and (iv) changing the login information on home networking equipment (e.g., Wi-Fi routers);
  • secure computers and mobile devices by (i) continually applying updates to their operating system, (ii) installing anti-virus ("AV") software, (iii) understanding firm policy on file storage and back-up, and (iv) locking screens in shared spaces;
  • be vigilant regarding the increasing number of scams; and
  • understand whom to contact in the event of a cyber-breach.

In addition, FINRA recommended that firms:

  • offer staff a secure connection to their work environment or sensitive applications;
  • conduct staff trainings on using secure connections to a work environment from a remote location;
  • urge IT support staff "to be diligent" in vetting incoming calls to avoid bogus requests for password resets or reporting lost phones or equipment, which could compromise firm information or funds; and
  • distribute IT support staff contact information.

Primary Sources

  1. FINRA Information Notice: Cybersecurity Alert - Measures to Consider as Firms Respond to the Coronavirus Pandemic (COVID-19)

Tags

Regulated Activities
Business Continuity Data Protection / Cybersecurity
Sub-Activity
Coronavirus
Regulated Entities
Broker-Dealers
Body of Law
Securities Law
Jurisdiction
US - Federal
Organization
FINRA / MSRB / SEC Exchanges / SIPC / Accountants
Sub-Author
FINRA