Submitted by: David Svrcek, Senior Compliance Consultant, Red Oak Compliance Solutions
Given the evolving nature, increasing frequency, and sophistication of cybersecurity attacks one can never be too prepared. FINRA has a page devoted to resources one might find useful in developing their cybersecurity practices.
Some of these resources include:
A Checklist for a Small Firm’s Cybersecurity Program (Excel 114 KB) to assist small firms in establishing a cybersecurity program to:
- Identify and assess cybersecurity threats, protect assets from cyber intrusions
- Detect when their systems and assets have been compromised
- Plan for the response when a compromise occurs
- Implement a plan to recover lost, stolen or unavailable assets
Report on Selected Cybersecurity Practices – 2018 is a detailed review of effective information-security controls at securities firms. The report is designed to help broker-dealers – including small firms – further develop their cybersecurity programs. The report addresses areas that firms tend to find most challenging: cybersecurity controls in branch offices; methods of limiting phishing attacks; identifying and mitigating insider threats; elements of a strong penetration-testing program; and establishing and maintaining controls on mobile devices.
In addition, FINRA has developed the Compliance Vendor Directory (CVD). The FINRA CVD is designed to give firms more options in locating vendors that provide compliance-related offerings, including cybersecurity vendors and services.
They have also assembled a list of Non-FINRA cybersecurity resources that firms may use to manage their cybersecurity risk. These resources include:
- News and analysis
- Effective practices and guidance
- Free diagnostic tools
While FINRA is careful to disclose that none of these products, services or resources ensure compliance with regulatory requirements this information can be a valuable starting point.
We help broker-dealers, advisors, investment firms, and hedge funds meet regulatory requirements, improve their compliance programs and increase ROI. We provide customized services to get your firm up and running, on-going compliance assistance, workflow software solutions and much more to keep your compliance program on track.
For more information about Red Oak Compliance software and services solutions, partnership and/or integration opportunities or to schedule a demonstration, please visit us online, email us sales@redoakcompliance.com or give us a call at 888-302-4594.
About Red Oak Compliance Solutions
Red Oak Compliance Solutions is a leading provider of intelligent compliance software, offering a range of AI-powered solutions designed to help firms of all sizes successfully navigate the increasingly complex regulatory landscape. Our suite of 17(a)-4/WORM compliant features offer risk minimization, cost reduction, and process optimization capabilities with features that are designed to evolve with our client’s needs. Our flagship advertising review software enables firms to deliver compliant content to the market with confidence, faster. Our Disclosure Management and Intelligence solution simplifies the management of disclosures, while our Registration Management solution automates and streamlines the licensing and registration process, further enhancing your internal processes.