The IT Law Wiki

Report on Cybersecurity Practices

32,076pages on
this wiki
Add New Page
Add New Page Talk0

Citation Edit

Financial Industry Regulatory Authority (FINRA), Report on Cybersecurity Practices (Feb. 2015) (full-text).

Overview Edit

Like many organizations in the financial services and other sectors, broker-dealers (firms) are the target of cyberattacks. The frequency and sophistication of these attacks is increasing and individual broker-dealers, and the industry as a whole, must make responding to these threats a high priority.

This report is intended to assist firms in that effort. Based on FINRA's 2014 targeted examination of firms and other related initiatives, the report presents FINRA's latest work in this critical area.

Key points in the report include:

  • Technical controls, a central component in a firm's cybersecurity program, are highly contingent on firms' individual situations. Because the number of potential control measures is large and situation dependent, FINRA discusses only a few representative controls here. Nonetheless, at a more general level, a defense-in-depth strategy can provide an effective approach to conceptualize control implementation.
  • A well-trained staff is an important defense against cyberattacks. Even well-intentioned staff can become inadvertent vectors for successful cyberattacks through, for example, the unintentional downloading of malware. Effective training helps reduce the likelihood that such attacks will be successful.

Also on Fandom

Random Wiki