Cybersecurity touches clients, staff

What may happen when cybercriminals target the financial advisory industry?
DEC 20, 2015
As technology progresses at a rapid pace, financial services firms are faced with a host of cyberthreats, including email hacking, outdated digital signature models and third-party vendor breaches. “This information age creates new opportunities for people who are very innovative in crime,” said Aaron Spradlin, chief information officer at United Planners Financial Services. Cyberattacks have become more common recently, with big names like Sony, Target and even the federal government getting caught in the cross hairs of hackers. The fear among financial services companies is what may happen when cybercriminals target the financial advisory industry. After all, advisory firms are not only the holders of substantial private information, but they are indirectly holding on to assets as well. “The focus [on the industry] is what keeps me up at night,” Mr. Spradlin said. (More: Why cybersecurity cannot be ignored by advisers) InvestmentNews brought eight broker-dealer professionals together at the Technology Tools for Today conference in Weston, Fla., on Nov. 2 to talk about cybersecurity in the digital age. Email in particular remains a constant concern for advisers and their firms. The greatest risk is that a client's email account could be hacked, exposing sensitive information, data and business relationships, and allowing hackers to impersonate the client and gain access to private financial information. Darren Tedesco, managing principal of innovation and strategy at Commonwealth Financial Network, said his firm sees cyberattacks every day. There are 10 to 30 attempted client email hacks a week, he said. “It's crazy,” he said. “We've had to staff departments to help advisers deal with client emails hacked.” With so much information publicly available, it will be increasingly difficult for firms to determine whether clients' accounts are being breached by using security measures that ask for personally identifiable answers to generic questions, such as “What was the model of your first car?” or “Where were you when you learned about Sept. 11?” Warding off hackers also comes down to how employees safeguard their technology. James Clabby, chief information officer at AIG Advisor Group, said his firm provides employees with guidance about security best practices regarding their software and hardware, but at the end of the day, there's always the potential for an unexpected issue. (Related read: Cybersecurity efforts still fall short at advice firms) It's not necessarily how advisers use the technology, it's accounting for all of the hardware out there and all of the sensitive data on various systems. “I worry about having a variety of different equipment, with a variety of different software,” Mr. Clabby said. That's where the cloud and data centers come in. Though the cloud is a more efficient way to do business and offers a certain amount of security safeguards, it also opens firms to potential breaches. “My concern is more generic, which is the complexity,” said Mukesh Mehta, chief information officer at Cetera Financial Group Inc. “We all have data centers, we co-own or have our own. At every point there is a point of failure.” Third-party vendors are a cause for concern as well. Mr. Clabby said that as integration between vendors and institutions grows — and it is growing — firms are left to wonder how safe their data actually are as they reside with those third parties. “When was the last time you went out to wherever the data is physically stored from and, you know, crawled around?” he said. “All of those kinds of questions are coming up at this point.” Certainly regulators have questions. The Securities and Exchange Commission and the Financial Industry Regulatory Authority Inc. have been hammering down on potential cyberholes in firms' practices. It all comes down to instilling security lessons, said Joe Simpson, associate vice president and director of information technology at Securities Service Network. “One of the bigger things we're doing is just education campaigns, both through our advisers and working with the advisers to help educate clients,” Mr. Simpson said. (Continue reading: More on digital disruption in the advice industry)

Latest News

A welcome mat into financial planning
A welcome mat into financial planning

The pandemic hit and internships were in chaos but Hannah Moore saw an opportunity.

RIAs need to visit universities to attract students
RIAs need to visit universities to attract students

RIAs need to find universities that offer financial planning programs and sponsor or host events, advisor suggests.

Orion deepens Capital Group alliance with ETF portfolio tie-up
Orion deepens Capital Group alliance with ETF portfolio tie-up

The leading wealth tech provider is helping more advisors access active ETF models through its exclusive partnership.

JPMorgan client who lost $50M amid dementia battle denied trial
JPMorgan client who lost $50M amid dementia battle denied trial

Case of once-wealthy family highlights risks, raises questions on firms' duties to sophisticated investors suffering cognitive decline.

Stifel loses huge $14.2 million arbitration claim linked to star Miami broker
Stifel loses huge $14.2 million arbitration claim linked to star Miami broker

“The evidence in this case was overwhelming,” says an attorney.

SPONSORED Leading through innovation – with Tom Ruggie of Destiny Wealth Partners

Uncover the key initiatives behind Destiny Wealth Partners’ success and how it became one of the fastest growing fee-only RIAs.

SPONSORED Client engagement strategies, growth and retention in the down markets

Key insights from Gabriel Garcia on adapting to demographic shifts and enhancing client experience in a changing market