Small and midsize advisory firms not targeted by cybercrooks

Only 1% of small and midsize financial advisory firms have had any type of loss or unauthorized use of confidential client information as a result of a cybersecurity breach, according to a survey of 440 advisers released Wednesday by the North American Securities Administrators Association. About 4% of state-regulated advisers have experienced any kind of cybersecurity attempt or event, according to the survey. Advisers in nine states were surveyed to help regulators determine whether clients' private information is being adequately protected by advisers or whether they need to boost cybersecurity readiness. Many firms are taking steps to prep for breaches, despite their low occurrences to date. More than half, or 62% of the firms, have completed a cybersecurity risk assessment and 77% have policies and procedures in place that relate to cybersecurity or secure technology practices, the review found. “While the relatively low rate in cybersecurity incidents identified in the pilot survey are encouraging, state securities regulators are aware of the increase in cyberattacks in the financial services industry and the importance and associated difficulties of securely maintaining private data,” said Andrea Seidt, NASAA president and Ohio Security Commissioner. Advisers regulated by the states have assets under management of less than $100 million. Larger advisory firms are regulated by the Securities and Exchange Commission, which issued a risk alert in April outlining potential areas it will assess in the area of cybersecurity when it conducts adviser examinations. Surprisingly, only 54% of advisers in the survey by state regulators said they use secure e-mail, with 30% saying they did not and 16% reporting they didn't know or didn't respond, the NASAA report found. About 17% said they had insurance coverage to protect against cybersecurity incidents, the survey said. While the majority of firms have completed cybersecurity assessments, the frequency of those reviews varied, with the most firms, 40%, conducting annual checks, the survey found.