Link to the article: The Increasing Importance of Cybersecurity for Registered Investment Advisors
3iCO is a NY based provider of Independent Compliance Officers for Independent Investment Advisers and Private Funds. As compliance and legal professionals, 3iCO takes cybersecurity very seriously. Laura Flanagan, Principal, consulted with cybersecurity expert Brian Edelman for insight to the ever-increasing cybersecurity threats targeting the financial sector. With the aim to advise firms on how to better protect themselves and their clients, Brian was asked about steps an RIA firm should take to strengthen cybersecurity as well as ensure regulation compliance.
Given the enhanced sophistication of cyber threats and The New York Department of Financial Services’ (NYDFS) strong positioning on cybersecurity (and increase in enforcement actions pertaining to 23 NYCRR Part 500 cybersecurity requirements for financial services companies) firms must do their due diligence to implement cybersecurity safeguards.
“To really be protected at a minimum, RIA firms need to follow the regulatory cybersecurity requirements,” said Edelman. “First, appoint someone to be your security officer. Second, make sure you have a formal program you can actually see. Third, have a security risk assessment done. Then you are ready to get your technical controls and data controls in place. And finally, train your team.”
Educating advisors is intrinsic to 3iCO’s supportive relationship with its clients. “When FCI works with 3iCO, we empower compliance firms and RIAs by educating them on next steps to meet cybersecurity requirements.”