The biggest stumbling block for registered investment advisors when it comes to guarding against cybersecurity breaches is not technology-based, it’s a people problem. The right technology is critical, but RIA leaders can face a bigger challenge in fostering a cybersecurity-sensitive culture in a way that resonates throughout all levels of their firms.
RIA technology policies should be non-negotiable, but the reality is, today’s work force tends to need convincing about how these protocols benefit and protect them, their employers and their clients from cyberattacks. Generation X and millennials in particular place a higher premium on convenience versus privacy.
With rare exception, no advisor or RIA employee intends to put client data or firm assets at risk by not adhering to firm policies on cybersecurity. But cyberthieves are increasing in their sophistication, making compliance with these policies a necessity. There was a new identity fraud victim every two seconds in 2014 — that’s $16 billion stolen from 12.7 million U.S. customers — according to Javelin Strategy & Research’s 2015 Identity Fraud Study.