The SEC Has Published A Cybersecurity Preparedness Guide, Will You Pass The Audit?
Thursday, April 17, 2014 13:37

Tags: cybersecurity audit | exam | OCIE | sec

The U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) will be conducting examinations of more than 50 registered broker-dealers and (RIA) registered investment advisers, focusing on areas related to cybersecurity.

This Website Is For Financial Professionals Only

On March 26, 2014 the SEC sponsored a Cybersecurity Roundtable.  During the discussions the importance of gathering information and considering what additional steps should be taken to address cyber-threats was emphasized.


Examinations are designed to assess cybersecurity preparedness in the securities industry and to obtain information about the industry’s recent experiences with certain types of cyber threats.  These examinations will focus on:


1.  Your cybersecurity governance

2.  Identification and assessment of cybersecurity risks

3.  Protection of networks and information

4.  Risks associated with remote client access and funds transfer requests

5.  Risks associated with vendors and other third parties

6.  Detection of unauthorized activity

7.  Experiences with certain cybersecurity threats


The Commission has provided a sample request to help all firms be prepared for this examination:


What would happen if your firm did not pass one of these audits?  Do you think your clients would feel safe trusting you with their sensitive information?  Making sure the points listed in the document above are covered is important, but it can also be technical and time consuming.


The best attack plan is to put together a team of professional that specialize in each area.  The team should consist of a law firm, an accounting firm, and an IT security firm such as Financial Computer Services.


With ProtectIT from Financial Computer Services you will be able to show your firm’s networks and systems are up to date and secure.  Our continuous reporting system can compile all of the information you will need, to provide an auditor, in minutes not days.  ProtectIT will assist with the following points the exam will focus on; the identification and assessment of cybersecurity risks, protection of networks and information and the detection of unauthorized activity.


To read more:

Heartbleed May Be the Worst Security Hole The Internet Has Ever Seen
Friday, April 11, 2014 15:57

Tags: heartbleed | security hole | virus

Millions of passwords, credit card numbers and other personal information is at risk as a result of a major breakdown in Internet security.

This Website Is For Financial Professionals Only

The Heartbleed virus allows hackers to exploit a flaw in the encryption software OpenSSL. 


OpenSSL encryption software is used by a majority of major websites and is designated by a small closed padlock symbol and “https” on Web browsers. 


When a secure connection is made between two computers, one computer may check if the other computer is available.  The computer would check by sending a small packet of data, called a heartbeat, which the other computer then confirms.  A hacker can use a fake packet of data, which tricks the computer into responding with data stored in its memory.  The hacker then has access to steal personal information such as credit card numbers and passwords. 


A patched version of OpenSSL has been released, now it is up to each site to apply this patch. 


Do not log into accounts from affected sites until you are sure the company has patched the problem. 


Once you have confirmation of the security patch you will need to change your password.


LastPass has created a tool that will check a site to see if it effected by this virus:


Read more for a list of sites that have been effected and have applied the security patch:\

How Much Is Everything On Your Computer Worth To You?
Wednesday, April 09, 2014 07:36

Tags: CryptoLocker | encryption | files | ransomware

Criminals behind a vicious virus, Cryptolocker, are betting between $300 and $2500.  With just one innocent click any one employee can cause the data for an entire company to be compromised.

This Website Is For Financial Professionals Only

Cyber criminals are disguising this damaging virus inside a PDF that is attached to an email that appears to come from UPS or FedEx.  When the intended victim opens the attachment, Cryptolocker is instantly downloaded and installed on their computer.  Once on your computer all of your files are encrypted and held ransom until payment is received.  It is essentially extortion with all your personal documents, photos and files at risk. 


Unfortunately, once the encryption of the files occurs, decryption is not likely.  Paying these criminal will only encourage them to do further damage, plus there is no guarantee they will release your files back to you. 


Here are some tips on how you can protect yourself:

1.  Backup files – No system is completely secure.  Make sure your files your files are regularly backed up and stored in a safe place.  If your computer is compromised you will be able to still access your files.


2.  Use safe e-mail habits – Be wary of e-mail from senders you don’t know, and never download or open an attachment you are sure you know what it is and that it is safe.  You should be especially wary of unexpected email from postal/package services and dispute notifications.


3.  Up-to-date programs – Make sure your antivirus and operating system are up-to-date.  If you let these programs get out-of-date, criminals are more likely to infect your computer and use it to break into other computers.


Cryptolocker is not the only malicious virus out there.  Every day cyber criminals are coming up with new ways to steal our data.  By keeping your programs up-to-date and using safe web browsing and email habits you can limit the risk of catching one of these nasty viruses. 


Read more about Cryptolocker:

Cybersecurity Top Risk For Financial Firms
Tuesday, April 08, 2014 09:55

Tags: advisors | cybersecurity | data breach | FINRA | sec

The recent massive customer data breaches that have occurred at well-known retailers is causing the government and businesses to take a deeper look into cybersecurity.

This Website Is For Financial Professionals Only

In February, Finra announced its plans to try and understand the dangers that lurk online for financial companies.  Finra will examine some of its member firms to see what precautions they are taking to protect themselves from online threats.  They will be surveying 20 firms and looking to review each of the firms’ cybersecurity preparation and supervision.


The SEC has also announced that it will be conducting cybersecurity examinations.  In a compliance conference the SEC informed its audience that they will be reviewing the resources that firms devote to information security, their policies for assessing, preventing and responding to attacks and their systems guarding against identity theft.


Cyber thieves are always looking for new ways to steal your information.  Just one wrong click could give a cybercriminal the key to all of your clients’ sensitive data.  As an advisor it is important for you to have a process in place to check for cyber threats and protect your data. 


Read more:

Uber Is Launching An On-Demand Courier Service In Manhattan
Monday, April 07, 2014 20:47

Pretty much anyone who has used Uber to get a car has been impressed.

So it is worth noting that Uber the now moving into the messenger business in Manhattan.

The car service spread rapidly across the U.S. and globally, and it's a good bet the the courrier service will do the same. 








Uber iUber is launching an on-demand courier service tomorrow (exclusive)
s launching an on-demand courier service tomorrow (exclusive)


This Website Is For Financial Professionals Only

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 206