Cybersecurity Practices Key Focus for FINRA

 
Monday, January 21, 2019

Submitted by: David Svrcek, Senior Compliance Consultant, Red Oak Compliance Solutions

Given the evolving nature, increasing frequency, and sophistication of cybersecurity attacks, one can never be too prepared. FINRA has a page devoted to resources one might find useful in developing cybersecurity practices.

Some of these resources include:

A Checklist for a Small Firm’s Cybersecurity Program (Excel 114 KB) to assist small firms in establishing a cybersecurity program to:

  • Identify and assess cybersecurity threats
  • Protect assets from cyber intrusions
  • Detect when their systems and assets have been compromised
  • Plan for the response when a compromise occurs
  • Implement a plan to recover lost, stolen or unavailable assets

Report on Selected Cybersecurity Practices – 2018 is a detailed review of effective information-security controls at securities firms. The report is designed to help broker-dealers – including small firms – further develop their cybersecurity programs. The report addresses areas that firms tend to find most challenging: cybersecurity controls in branch offices; methods of limiting phishing attacks; identifying and mitigating insider threats; elements of a strong penetration-testing program; and establishing and maintaining controls on mobile devices.

In addition, FINRA has developed the Compliance Vendor Directory (CVD). The FINRA CVD is designed to give firms more options in locating vendors that provide compliance-related offerings, including cybersecurity vendors and services.

They have also assembled a list of Non-FINRA cybersecurity resources that firms may use to manage their cybersecurity risk. These resources include:

  • News and analysis
  • Effective practices and guidance 
  • Free diagnostic tools 

While FINRA is careful to disclose that none of these products, services or resources ensure compliance with regulatory requirements, this information can be a valuable starting point.

We help broker-dealers, advisors, investment firms, and hedge funds meet regulatory requirements, improve their compliance programs and increase ROI. We provide customized services to get your firm up and running, ongoing compliance assistance, workflow software solutions and much more to keep your compliance program on track.

For more information about Red Oak Compliance software and services solutions, partnership and/or integration opportunities, or to schedule a demonstration, please visit us online, email us at sales@redoakcompliance.com or give us a call at 888-302-4594.

About Red Oak Compliance Solutions

Red Oak Compliance Solutions is the global advertising review software of choice in the financial services industry. It is a comprehensive suite of SEC 17A-4 compliant features that are 100% books and records compliant and provides clients with 35% faster approvals and 70% fewer touches or better. We also offer Smart Review(SM), which solves for the storage and maintenance of disclosures, helping firms reduce risk, decrease review times, and increase the speed of distribution of marketing materials. Smart Registration(SM) automates the licensing and registration management process to help reduce regulatory risk and time spent on manual processes. Overall, Red Oak allows firms to minimize risk, reduce costs, and increase compliance review process effectiveness and efficiencies.