Michael Cocanower, CEO of AdviserCyber, joins Mike Langford to discuss the importance of cybersecurity for financial advisory businesses. He highlights the increasing threats and the lack of internal resources for most RIAs to protect against cyber attacks.
Sponsored By:
PodBox - Help your guest sound their best on your podcast, webinar, or important Zoom call with a PodBox microphone setup.
If you would like to follow up with Michael, shoot him an email.
Key Takeaways From This Episode
The SEC and other regulators are increasingly focused on cybersecurity for financial advisory businesses.
Most RIAs are not equipped internally to protect against cyber attacks.
New SEC rules include revisions to Reg S-P and new disclosure requirements.
Cybersecurity efforts should focus on prevention, detection, mitigation, and remediation.
Email-based compromise is a common type of attack, emphasizing the importance of cybersecurity training and multi-factor authentication.
Multi-factor authentication (MFA) is crucial in preventing email-based attacks and should be implemented by all users.
Being cautious when clicking on suspicious links and verifying the sender's email address can help identify phishing attempts.
Ransomware attacks have evolved to include data exfiltration, making prevention and detection even more critical.
A proactive approach to cybersecurity, including detection, mitigation, and remediation, is necessary to combat cyber threats.
Engaging in ongoing education and staying updated on cybersecurity trends and best practices is essential for protecting sensitive information.
Resources Mentioned In This Episode:
How Financial Advisors Can Help Protect the Privacy, Security, and Reputation of Their Wealthy Clients - Mykolas Rambus of Hush
Protecting Your Clients And Your Firm From Financial Fraud - Andrew Crowell from D.A. Davidson shares his insights from an advisor’s perspective on cybersecurity.
SEC Reg S-P - Amendments "modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal information by certain financial institutions."
Chapters
00:00 Introduction: The Importance of Cybersecurity for Financial Advisory Businesses
03:08 Understanding the New SEC Rules on Cybersecurity
09:07 The Four Pillars of Cybersecurity: Prevention, Detection, Mitigation, and Remediation
23:50 Common Types of Attacks and the Need for Cybersecurity Training
24:40 Enhancing Security with Multi-Factor Authentication
25:10 Introduction to Cybersecurity Threat Reports
27:01 The Human Element in Cybersecurity
29:41 Recognizing and Avoiding Phishing Attempts
34:16 The Importance of Communication and Verification
41:10 Shifting the Mindset: Assume Breach
46:41 Proactive Measures: Isolating Individual Computers