Who’s Listening? Your Cybersecurity is Only as Good as Your Weakest Link

sichere DatenYahoo! Another security breach is in the paper – from 2014. While you are changing your passwords and security questions/answers, consider that your firm’s information security is only as good as its weakest link – and the weakest link can be something small. Even as small as a wireless mouse or the Bluetooth piece sitting behind your ear. Although many Bluetooth security issues have dissipated over the last few years, no software has zero security vulnerabilities.

Breaches can be as simple as eavesdropping to software that pairs with a user’s wireless mouse, which could then act like it were the wireless keyboard, and allow an attacker to take control of the entire machine and system where the user is logged in.

Technology has become a vital component of the financial world. Mitigating the risk of a breach, whether by cyber criminals, or careless employees is critical to keeping your firm and your clients safe.

What You Should Do:

Firms should perform a technology risk assessment to determine the greatest areas of risk, and create and update data security policies, procedures and practices around those risks.  Training and education of firm staff are also vital in helping to keep your firm’s data secure.  Oyster can perform a comprehensive information security review including:

  • Formal risk assessments
  • Systems management and supervisory responsibilities
  • Access controls procedures and process documentation
  • Physical and data security policies, procedures and practices
  • Internal and external user monitoring
  • Procedures for change control, release management and implementation of ongoing enhancements
  • Vendor selection and due diligence
  • Disaster Recovery, Data Recovery and Business Continuity Management
  • IT program for managing application security, external/internal penetration and vulnerability assessments
  • Business and technology incident response protocol and procedures
  • Review your firm’s technology governance and Software Development Life Cycle (SDLC)
  • Education and training

The Oyster Difference

Oyster has the background and perspective to help you build and enhance the information security program that is right for your firm. We are the right partner to help you bridge the gap where business and technology meet, ensuring that you have the resources to understand the threats and the ability to protect yourself.

For more information about the cybersecurity services Oyster provides, complete our contact form, and one of our Relationship Managers will be happy to assist you.

Author: Senior Consultant, Howard Zegelstein

With more than 25 years of in the financial services and technology industries, Howard brings extensive experience as a manager and developer in the global equities sector. Howard started his career as a developer supporting a multi-asset, multi-exchange automated trading system at a national broker-dealer. He has worked for global banks and broker-dealer firms, holding a variety of positions including developer, technical lead, hands on project manager, and program manager.  Howard’s experience also includes running a global client connectivity IT team, supporting global equities program trading, global cash equities, global ETD and FX.
LinkedIn
RSS
Facebook
Facebook
Twitter
Visit Us
Google+
Google+

LEAVE A COMMENT