If you have been watching or listening to the news, you may be aware of a ransomware attack known as WannaCry, WCry, or Wanna Decryptor that has affected many businesses in over one hundred countries. The ransomware locks files on the infected computer system and encrypts them so they cannot be accessed until you pay the ransom.
How do you protect against the WannaCry ransomware? All Microsoft Windows users should verify that their operating systems have been updated and all current security patches have been installed. Also, Broker-Dealers and Investment Management Firms can review the alert published by the United States Department of Homeland Security’s Computer and Emergency Readiness Team: U.S. CERT Alert TA17-132.
The Office of Compliance Inspections and Examinations (OCIE) has identified multiple security practices, procedures, and controls that all firms can use to guard against ransomware. The following are some of the security practices, procedures, and controls it identified:
Cyber-risk Assessment: Firms should periodically conduct risk assessments of critical systems to identify cybersecurity threats, vulnerabilities, and the potential business consequences.
Penetration Tests: Firms should periodically conduct penetration tests and vulnerability scans on systems that the firms consider to be most critical.
System Maintenance: Firms should verify regular system maintenance is being completed and ensure that critical software patches that address security vulnerabilities are being installed.
The above are a few of the key security practices of an effective cybersecurity program; each firm needs to verify that it is conducting them and including them in its cybersecurity policies and procedures. Please contact Red Oak Compliance Solutions if you would like help in drafting cybersecurity policies and procedures.