Financial Industry Firms have specialized needs when it comes to developing cyber-security procedures and policies
Brokerage and Investment Advisor firms hopefully recognize that a one-size-fits-all approach to cybersecurity does not work. Today's firms will need to look beyond their Information Technology personnel and consider their operations in order to establish a comprehensive cybersecurity procedures and policies manual. Adopting an Information Systems Security Program (“ISSP”) appropriate to your circumstances and an Incident Response Plan (“IRP”) that your personnel can successfully implement is key to prevention, detection, and recovery.
National Futures Association | CyberSecurity - Interpretive Notice ¶9070
The firm must develop and maintain a written ISSP for securing customer data and access to their electronic systems, which should be maintained with the rest of the firm’s written procedures. Although the firm is not required to have a separate single document describing every aspect of its ISSP, a comprehensive written policy may be the best way to ensure that firm personnel know what the firm’s policy is, depending upon the firm's size and complexity of business and technological operations.
RND Resources recognizes the significant challenges and risks that investment securities dealers and advisors face in protecting sensitive client and company data as well as proprietary trade system information. Developing a plan consistent with your own firm's operations is an important first step. The checklist we created will help you get started on the comprehensive ISSP and IRP. If you have any questions or prefer to have one of our professionals help get you started on a cyber-security program, please feel free to reach out to us at (818) 657-0288.
CYBER-SECURITY CHECKLIST WITH GAP ANALYSIS AND CYBER INSURANCE COMPARISON WORKSHEET
Click the link here to download the RND Resources Inc Cybersecurity Checklist. The checklist will help you evaluate what your firm needs to conduct a thorough cybersecurity evaluation and develop the regulatory-required Information Systems Security Program (“ISSP”) and Incident Response Plan (“IRP”). Our checklist enables you to:
- Identify potential threats and risk gaps
- Rank the threat value of risk gaps
- Match gaps to sections of the CyberSecurity Compliance Procedure manual
- Assign tasks to team members
- Record completion estimates and due dates
- Maintain notes throughout the process
BONUS: Cyber Insurance Comparison Worksheet
We’ve also included our Cyber Insurance comparison worksheet, which will help you compare policy coverage limits and policy riders across carriers, as well as rank premium prices, all to help determine which policy best fits your firm's level of risk and risk tolerance.
Need Assistance?
Need help with technical changes to your system or penetration testing? We have the tools and expertise to conduct a quick-hit assessment of your Information System, provide a high-level assessment report, and develop the ISSP and IRP for regulatory compliance. Call us for more information at (818) 657-0288, or complete the form on our website.