Financial Industry Regulatory Authority (FINRA) released a checklist last year — based on the National Institute of Standards and Technology’s (NIST) cybersecurity framework, and the SRO’s Report on Cybersecurity Practices — which is made up of five key questions to help your firm analyze its security:
- Do you store, use or transmit personally identifiable information (PII) (e.g., Social Security numbers or date of birth) or firm sensitive information (e.g., financial records) electronically?
- Do you transmit PII or firm confidential information to a third party, or otherwise allow access to your PII or firm confidential information by a third party?
- Do your employees (or independent contractors) maintain devices that access PII or firm confidential information?
- Do you have assets that if lost or made inoperable would impact your firm’s operations (e.g., trading or order management systems)?
- If your systems, PII or firm sensitive information were made inoperable or stolen, would you need to recover them to conduct business?
Depending on your answers, you are then directed to complete 12 sections that apply specifically to your business, with topics that range from Inventory to Third Party Access and Employee Devices. The idea is that by completing the checklist, your firm would better understand what value assets you currently deal with.
But of course, this is all easier said than done. What if you’re too busy to spend the necessary time on this checklist?
Allow us to help.
Brainlink wants to be your trusted cybersecurity expert, helping you follow this checklist and guarantee an iron-clad defense for your firm. As industry-leading experts, our team has the expertise and experience to equip your financial firm with a FINRA approved defense.
Our clients enjoy success, security practices they can rely on and a competitive advantage in their industry because Brainlink has the expertise that other don’t. Why not find out what we can offer you?
Find out right away by getting in touch at (917) 685-7731 or emailing firstname.lastname@example.org.