Secretary of State Urges Investors to be Vigilant about Cybersecurity

Secretary of State Urges Investors to be Vigilant about Cybersecurity

By / State News / Wednesday, 04 February 2015 05:00

RALEIGH, N.C. : February  1st, 2015 - Responding to the ever-growing list of financial institutions targeted by organized cyber-attacks, Secretary of State Elaine F. Marshall today issued an advisory encouraging investors to ask how their financial firms are protecting their personal information. The advisory is on the Secretary of State’s website at sosnc.com.
“The constantly-evolving threat of increasingly sophisticated cyber-attacks means investors need to understand what their firms are doing to safeguard their sensitive financial information,” Secretary Marshall said on Wednesday.
In September 2014, the North American Securities Administrators Association (NASAA), of which the NC Secretary of State’s Office is a member, reported that 62 percent of state-registered investment adviser firms participating in a NASAA pilot survey had undergone a cybersecurity risk assessment, and 77 percent had established policies and procedures related to technology or cybersecurity.
“We all need to be thinking in terms of best practices to protect our financial information from cybercriminals and how firms should respond if client data is compromised. Investors should be proactive and talk with their investment professionals about what steps the firms are taking to protect their clients from data breaches,” Marshall said.
To help investors start that conversation, the Secretary of State’s Office suggests asking the following questions:
• Has the firm addressed which cybersecurity threats and vulnerabilities may impact its business?
• Has the firm put in place written policies, procedures, or training programs to help safeguard clients’ data?
• Does the firm maintain insurance coverage for cybersecurity?
• Has the firm engaged an outside consultant to provide cybersecurity services?
• Does the firm have confidentiality agreements with any third-party service providers that have access to the firm’s information technology systems?
• Has the firm ever experienced a cybersecurity incident where, directly or indirectly, theft, loss, unauthorized exposure, use of, or access to customer information occurred?
• If so, has the firm taken steps to close any gaps in its cybersecurity infrastructure?
• Does the firm use safeguards such as encryption, antivirus and anti-malware programs?
• Does the firm contact clients via email or other electronic messaging, and if so, does the firm use secure email and/or any procedures to authenticate client instructions received via email or electronic messaging, to work against the possibility of a client being impersonated?
“You have a right to ask these questions and firms have a responsibility to give you clear answers in writing. I would urge all investors to simply consider this part of their typical due diligence in being an informed investor,” advised Secretary Marshall.
For more information, contact the Securities Division of the NC Secretary of State’s Office at 1-800-688-4507, 919-807-2100 or This email address is being protected from spambots. You need JavaScript enabled to view it.

Author

Super User

Super User

Carolina Beach North Carolina

Breezy
46°F
W at 25 mph /79%
Saturday
44°F / 60°F
Sunday
51°F / 65°F
Monday
51°F / 65°F

 

Please publish modules in offcanvas position.