Close Close
Popular Financial Topics Discover relevant content from across the suite of ALM legal publications From the Industry More content from ThinkAdvisor and select sponsors Investment Advisor Issue Gallery Read digital editions of Investment Advisor Magazine Tax Facts Get clear, current, and reliable answers to pressing tax questions
Luminaries Awards

Regulation and Compliance > Federal Regulation > FINRA

FINRA Issues Report on Best Cybersecurity Practices

Your article was successfully shared with the contacts you provided.

The Financial Industry Regulatory Authority has shared its Report on Selected Cybersecurity Practices — 2018 to help broker-dealers more effectively review and implement security controls.

The latest report builds on information and advice collected in the 2015 cybersecurity report. It provides more depth and detail on topics such as phishing by reviewing ways to detect attacks, even those that seem to be from trusted sources like a CEO or helpdesk staff.

On some topics like branch controls, the publication lists specific best practices to consider. It also includes an appendix regarding core cybersecurity controls for small firms.

“Securities firms rate cybersecurity as one of their top operational risks, and our new report addresses areas that firms tend to find most challenging,” according to David M. Kelley, surveillance director, member supervision in FINRA’s Kansas City office.

FINRA’s 19-page report highlights the following five topics:

  • Cybersecurity controls in branch offices;
  • Methods of limiting phishing attacks;
  • Identifying and mitigating insider threats;
  • Elements of a strong penetration-testing program; and
  • Establishing and maintaining controls on mobile devices.

A cybersecurity report from the antivirus software maker Norton found 143 million U.S. consumers were victims of cybercrime with total losses of $19.4 billion in 2017.

Furthermore, a recent poll funded by the insurance firm Aon found that of the 5.3 million high-net-worth individuals in the U.S., 77% are more concerned about the cybersecurity risks affecting their personal finances than traditional wealth management challenges, such as market volatility (60%) or changing interest rates (39%).

“There is no one-size-fits-all approach to cybersecurity, so FINRA has made a priority of providing firms with reports and other tools to help them determine the right set of practices for their individual business,” said Steven Polansky, senior director, member supervision in FINRA’s Washington, D.C. office.

More resources, as well as a podcast and video based on the 2018 report, are available at’s cybersecurity topic page.


© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.