Report assesses consumer security threats at investment firms
HELENA, Mont. – More than 4 percent of investment advisers in a voluntary survey of North American investment houses reported experiencing an attempted cybersecurity incident, according to details of a report issued this month by the North American Securities Administrators Association, of which Montana is a member.
While only 1.1 percent of those respondents reported losing any actual client data, Montana Securities Commissioner Monica Lindeen reminded Montana’s registered investment advisers to review their policies and procedures to ensure they have adequate cybersecurity measures in place.
The North American Securities Administrators Association (NASAA) represents securities administrators, like Commissioner Lindeen, in the United States, Canada, Mexico, the U.S. Virgin Islands and Puerto Rico. The organization released results of a pilot project this month to better understand the cybersecurity practices of state-registered investment advisers, which account for more than half of the registered investment advisers conducting business in the United States.
The survey also found that 62 percent of firms have undergone a cybersecurity risk assessment and 77 percent have policies and procedures related to technology or cybersecurity.
“I was pleased to see a relatively low number of cybersecurity incidents identified in the survey, but cyber-attacks are on the rise in the financial services industry,” Lindeen said. “I suggest investment advisers registered in Montana take time to review the pilot project’s findings.”
The pilot project was designed to help regulators better understand the technology and data practices of state-registered investment advisers; how these advisers communicate with clients; and what types of policies and procedures these advisers currently maintain. The pilot project also focused on specific uses of technology and websites, with a goal of understanding the safeguards used by state-registered investment advisers to protect client information; to inform state examination programs; and to identify national cybersecurity trends relevant to state-registered investment advisers.
A compilation of the survey results is available on the NASAA website at www.nasaa.org.