10 ways advisers can improve their cybersecurity
9. Protect customers
Because cyberhackers find easy points of entry into consumers’ accounts, it has become increasingly clear to the SEC and advisory firms’ IT departments that a computer network is only as strong as its weakest link.
“We try to preach to our users, ‘verify, verify, verify,’” Mr. Sundberg said. “Never download an attachment or accept a weird friend request if it can’t be verified.”
For example, he said, if an advisory firm employee receives a phone call and the person at the other end of the line says he’s from Microsoft tech support and has noticed a computer virus in the firm’s system, the employee should hang up immediately and not let the unidentified caller connect to the firm’s system.
“Or, if you get an e-mail from somebody saying they’ve been mugged on vacation or have lost their wallet and passport or some other doom-and-gloom scenario, most likely their e-mail has been hacked,” Mr. Sundberg said. “Contact that person another way, not through email, whether on a home land line or cellphone.”