Stricter financial compliance regulations point to need for improved security

Stricter financial compliance regulations point to need for improved security

In the wake of the brutal data breaches enterprises suffered in 2014, industry regulators have been creating stricter compliance standards and increasing the frequency of cybersecurity audits. Regulations are changing in practically every sector, but the requirements for financial institutions are becoming especially severe due to large scale attacks on banks and brokers last year. Because of this, advisors and investors are scrambling to find a way to address their technological shortcomings and protect client information from an ever-worsening threat environment.

“Especially this year, when the SEC and FINRA released their guidelines, cybersecurity has been a heightened area of conversation,” said Neal Quon, co-founder of financial technology consulting firm QuonWarrene. “There’s a lack of a standard. It’s the minimum of what you can do today to respond to a threat. You have to be nimble to respond to every evolving threat.”

Driving this race to compliance are the changes made by the Security and Exchange Commission’s Office of Compliance Inspections and Examinations. The new guidelines require the office to take into higher consideration the quality of a firm’s technical infrastructure. The agency is quick to point out that these changes mean they aren’t messing around when it comes to security. Vincente Martinez, chief of the SEC’s Office of Market Intelligence, said that the Commission will be levying action via Regulation S-P against organizations that don’t comply. The Financial Industry Regulatory Authority has said they will be levying actions under the same rule, as well as FINRA Rule 2010.

Knowledge of cyberthreats key to increasing protection
Industry experts believe that what is most necessary to make a change in the cybersecurity of financial institutions is a fundamental understanding of the risks that face their businesses everyday. William French, vice president of risk management at Fidelity Investments, said that firms must make a point to learn about current cyberthreats and share that information with their clients. Hackers are now using sophisticated phishing schemes that target customers as well as employees, so everyone involved needs to be aware of the risks.

Utilizing a layered security approach is one of the most reliable ways to ensure data protection and help to educate staff members about proper security methods. Employing a whitelisting solution like Faronics Anti-Executable as part of a layered security strategy allows businesses to block any unapproved application from being run and keeps business-critical hardware safe from infections. Current system updates are also easily managed with the program, doubling the amount of protection an organizations receives,

About The Author

Suzannah Hastings

Suzannah is interested in all things digital, from software security to the latest technological advances. She writes about ways in which the increasingly internet-driven landscape and windows technologies like steady state alternative that change our lives, and what we can expect in the future.

Sign Up For A 30-Day Trial


Deep Freeze Enterprise

Centralized deployment and management as well as a host of configuration options for the Enterprise.

  • This field is for validation purposes and should be left unchanged.

Ready to find out more about Faronics? Let us know how to reach you.

We're here to help you in any way possible.