The Financial Industry Regulatory Authority has shared its Report on Selected Cybersecurity Practices — 2018 to help broker-dealers more effectively review and implement security controls.
The latest report builds on information and advice collected in the 2015 cybersecurity report. It provides more depth and detail on topics such as phishing by reviewing ways to detect attacks, even those that seem to be from trusted sources like a CEO or helpdesk staff.
On some topics like branch controls, the publication lists specific best practices to consider. It also includes an appendix regarding core cybersecurity controls for small firms.
“Securities firms rate cybersecurity as one of their top operational risks, and our new report addresses areas that firms tend to find most challenging,” according to David M. Kelley, surveillance director, member supervision in FINRA’s Kansas City office.