Financial Service Firm's Cybersecurity Program

financial service firms
CYBERSECURITY AND PRIVACY PROGRAM

Compliance Requirements and Sensitive Data

Cybersecurity Compliance: GLBA, NY DFS 500, federal and state banking regulations. Any other applicable state or national cybersecurity regulations (typically based on customer location). This includes regulations focused on Registered Investment Advisors (RIAs). Any applicable PCI requirements.
Privacy Compliance: Any applicable state or national privacy regulations based on customer location - incudes CCPA.
Data: Sensitive financial data or records. Client personal and business data. Company business and personal data.

Financial service firms in general are responsible for some of the most sensitive information in our society. Client financial information, bank statements, tax returns, personal client financial data, credit data...the list goes on and on. (See the Compliance Requirements and Sensitive Data info above). That is why the industry is monitored and regulated by so many different entities including:

Federal Reserve Board (FRB)
Federal Deposit Insurance Corporation (FDIC)
Office of the Comptroller of the Currency (OCC)
Office of Thrift Supervision (OTS)
Commodity Futures Trading Commission (CFTC)
Financial Industry Regulatory Authority (FINRA)
State Bank Regulators
State Insurance Regulators
State Security Regulators
Securities and Exchange Commission (SEC)
Federal Trade Commission (FTC)

And while it is true that some of the larger financial service firms have done a good job protecting the data they are responsible for, the great majority of financial service firms have sadly neglected their responsibilities in this area - despite much (and increasing) regulatory pressure. As a result, these financial service firms have exposed their clients and themselves to much unnecessary cybersecurity and regulatory risk.

And the necessary move to more remote work is increasing these risks because remote work increases the attack surface into your networks. We urge you to take a close look at our free Remote Work Cybersecurity Program. It will help you address this new business risk.

Also, please take a look at our Turnkey Cybersecurity & Privacy Programs that match your business size and other requirements. We offer the only comprehensive, turnkey programs for small to medium sized businesses. Our programs include direct hands-on support from us to ensure that you are actually able to build a program that protects the data you are responsible for. We find that most small companies cannot build a professional program that actually protects data and meets compliance requirements without this support. We provide superior support.

Level