NFA Information System Security Program Deadline Is March 1

Screen Shot 2015-02-16 at 3.33.18 PMMarch 1, 2016 is the effective date of the NFA Interpretive Notice regarding Information Systems Security program (ISSP). The provisions of the Notice applies to all NFA members. To view the notice click here.

Oyster Consulting CEO and Founding Principal Buddy Doyle spoke on the Industry Experts panel in the recent NFA Cybersecurity Workshops in New York, Chicago and Los Angeles. Other panelists included Peter Salmon, Senior Director of Operations and Technology at Investment Company Institute and Patricia Donahue, Senior Vice President, CCO and Regulatory Counsel at Rosenthal Collins Group.

Topics for the panel included:

  • How cybersecurity attacks happen within the workplace
  • Importance of written response plans with appropriate outside legal representation already in place
  • Training – Training is important for everyone from the mail room to the CEO and it is important to train in a way that isn’t too technical so staff will change their behavior
  • Best Practices – New Accounts and Customer Information; wire instructions; and helping GIBs develop a written cybersecurity program
  • Cultivate a relationship with law enforcement before an event happens
  • Data Breaches: Educate yourself by looking at some of the websites that list data breaches, why they occurred and determine where vulnerabilities exist in your organization
  • Due Diligence – Cyber insurance policies; internal risk assessments, and third party risk assessments
  • Finding reputable firms for penetration testing and performing cybersecurity services

To download the entire workshop audio recording click here. The audio recording includes the entire workshop – the Cybersecurity Experts Panel portion of the recording begins at 56:46.

To learn more about how Oyster Consulting can assist your firm with its cybersecurity concerns, contact Oyster Managing Director Don Horwitz at In addition, please visit our website for more information:

Blog Post: NFA Notice to Members Provides Guidance for Information Security Supervisory Procedures – Don Horwitz, September 16, 2015.
Identity Theft
Information Security Review
Technology Governance, Controls & Software (SDLC)
National Futures Association Registration