As the July 2024 CrowdStrike outage reinforced, cyber incidents can be devastating whether they originate with a bad actor or not. That’s why, across all industries, Chief Technology Officers and their teams fight a constant battle to stay ahead of potential disruptions, breaches, outages, attacks, intrusions and errors in order to safeguard their clients and firms. The liabilities associated with falling short – financial and otherwise – make this a high-stakes undertaking that only gets more complex as cybercriminals become bolder and digital capabilities more intricate.
Because the regulatory bodies overseeing financial services firms have made cybersecurity a focus, the guidance and mandates put forth by the SEC and FINRA have helped to create a strong framework within which wealth management firms and financial advisors operate. But it’s a constantly evolving ecosystem. While everyone loves a good software upgrade, each iteration designed to enhance functionality opens up new avenues of vulnerabilities that can be exploited.
Executives tasked with ensuring their firms are operating within a safe and compliant environment have a unique – and uniquely informed – perspective on how to assess and address the challenges associated with evolving cyber threats. We caught up with three specialists to discuss how their firms are addressing the cybersecurity concerns, trends and advancements that are impacting the wealth management industry, and how advisory firms should approach them:
- Kevin Sutton, Chief Technology Officer, AlphaONE, a cybersecurity and IT solutions provider
- Gary Taylor, Managing Director of Operations, Sowell Management, a privately held North Little Rock-based RIA firm serving over 100 Investment Advisory Representatives (IARs) as well as RIA firms
- Andrea Shafer, Executive Vice President and Chief Supervision Officer, Cambridge Investment Research, Inc., an internally controlled and operated financial solutions firm focused on serving independent financial professionals and their clients
Kevin Sutton – Many financial advisors mistakenly believe that their cybersecurity is adequately covered, either by their affiliated firm or simply through having anti-virus software. However, they often are far more vulnerable than they realize.
Wealth management firms and individual practices face significant risks, particularly from ransomware, Business Email Compromise (BEC) and regulatory compliance failures. BEC is a growing threat where a compromised email account allows threat actors to communicate directly with clients, partners and custodians, potentially leading to unauthorized access to funds.
Additionally, with the rising concern over zero-day threats, the possibility of a technology control failing is an ever-present reality. Firms must be equipped not only to prevent such incidents but also to swiftly detect and respond to them before any irreversible damage is done.
Given these risks, it’s essential for firms to invest in tools designed to mitigate them. This is not just about defense; it’s about proactive protection. The recent SEC amendments to Reg S-P highlight the importance of having clearly defined procedures in place to protect client information, notify them of any breach and remediate any impact. Moreover, the SEC now mandates that firms monitor the cybersecurity of their third-party vendors as well, reflecting the seriousness of incident response in today’s regulatory environment.
In this context, AlphaONE developed Guardian to identify cybersecurity threats, address them before they escalate into data breaches, and stay ahead of malicious actors worldwide, ensuring that advisors can operate securely and confidently in an increasingly complex digital landscape.
Gary Taylor – Sowell Management recognizes the dynamic nature of cyber threats and the critical need to protect our data. To effectively address these challenges, we have engaged a specialized cybersecurity firm to manage our network and email infrastructure around the clock. Their comprehensive services include securing our internal network, conducting regular penetration tests, monitoring endpoints, providing employee training and filtering out malicious emails before they can reach any Sowell employee or advisor.
We ensure our SaaS application vendors adhere to strict cybersecurity standards by requiring written policies and practices, which we review on a regular basis. Furthermore, we have adopted a fully integrated financial services application, which not only improves operational efficiency but also reduces the amount of data in transit and consolidates login security into a single application.
For advisory firms and advisors, it is essential to use two-factor authentication (2FA or MFA) wherever possible and to exercise caution when dealing with emails and attachments. Advisors should confirm that email addresses match the sender’s name to avoid phishing scams. Our cybersecurity extension in Outlook allows advisors and employees to report suspicious emails to our Cyber team for evaluation, enhancing our protection against potential threats and helping to refine our system’s ability to detect attackers. Suspicious emails are either deleted or returned to the sender based on our findings.
Andrea Shafer – Lately, bad actors have been focused on using ransomware, business email compromises and identity attacks. But looking ahead, we are turning our attention to the cloud as that is becoming a prime target for malicious activity. As more of us rely on cloud-based systems, attacks on those systems are becoming more prevalent. Still, looking even further ahead, we are keeping an eye on what generative AI might do in this space. The worry is that people will leverage generative AI to create fraudulent emails, websites, links, etc., that are nearly indistinguishable from the real thing.
To combat these threats, advisors and their firms, no matter the size, must be highly disciplined in their commitment to the fundamentals of cybersecurity. Multi-factor authentication, encryption, and access control are the cornerstones of an effective cybersecurity strategy and will remain crucial as we move forward. Advisors also need to make sure they have a strong culture of cybersecurity so that everyone, from administrative staff to the CEO, is paying close attention and adhering to proper protocols. The vast majority of compromises in financial professionals’ offices are email compromises, and it’s often because those offices don’t have the appropriate security protocols.
