The Financial Industry Regulatory Authority (FINRA), the independent nongovernmental organization that writes and enforces the rules governing U.S. registered brokers and broker-dealers, has issued guidance to its member firms regarding pandemic-related planning. As we’ve been writing (here, here, and here), the COVID-19 crisis has increased the risk of cybersecurity incidents due to remote or telework arrangements and the corresponding increase in opportunistic malicious activity. FINRA has warned member firms to remain “vigilant in their surveillance against cyber threats and take steps to reduce the risk of cyber events.”
Recommendations from FINRA include the following, and are good advice for any company:
- Ensuring that virtual private networks (VPNs) and other remote access systems are properly patched with available security updates
- Checking that system entitlements (access permissions) are current
- Employing the use of multi-factor authentication for people who access systems remotely
- Reminding employees of cyber risks through education and other exercises that promote heightened vigilance
[View source.]
