The biggest stumbling block for registered investment advisors when it comes to guarding against cybersecurity breaches is not technology-based, it’s a people problem. The right technology is critical, but RIA leaders can face a bigger challenge in fostering a cybersecurity-sensitive culture in a way that resonates throughout all levels of their firms.
RIA technology policies should be non-negotiable, but the reality is, today’s work force tends to need convincing about how these protocols benefit and protect them, their employers and their clients from cyberattacks. Generation X and millennials in particular place a higher premium on convenience versus privacy.
With rare exception, no advisor or RIA employee intends to put client data or firm assets at risk by not adhering to firm policies on cybersecurity. But cyberthieves are increasing in their sophistication, making compliance with these policies a necessity. There was a new identity fraud victim every two seconds in 2014 — that’s $16 billion stolen from 12.7 million U.S. customers — according to Javelin Strategy & Research’s 2015 Identity Fraud Study.
Firms are best served when the senior leadership explains why their cybersecurity policies exist and deliberately models appropriate behavior. When the top levels of the RIA lead by example, cybersecure behavior and attitudes become “normalized” and compliance is much easier to come by.
RIA owners wondering how to start building a cybersecure culture can lead by example with the following:
Clients entrust RIAs with an awesome and serious task: Their advisors are managing hard-earned assets to achieve very personal life goals. The magnitude of this responsibility should give advisors pause and consider: As part of my mandate, is my firm taking the necessary preventative measures to ensure that our clients are protected from cyberthieves?
Active monitoring and implementation of cybersecurity protocols and procedures using leading edge technology keeps your business and your data safe and secure.