In January 2020 FINRA posted a Notice to members outlining steps firms may consider taking to be prepared and respond to cyberattacks and other business disruptions. The Notice was prompted by a Bulletin issued by the Department of Homeland Security (DHS), which noted that Iran and its partners have demonstrated the intent and capability to conduct operations within the United States, and that an attack may come with little or no warning.
NIST (National Institute of Standards and Technologies) also released its Privacy Framework this month. Like all the other standards that NIST releases, the Privacy Framework is supposed to be open to use and adapt as appropriate for each firm. Its three components provide the framework for establishing a program to build better privacy foundations and bring your privacy risk in line with your other risks, such as organizational risk, trading risk and reputational risk.
If you are unsure of how to respond to the FINRA Notice or NIST’s Privacy Framework release, you may want to listen to last week’s Oyster Stew podcast. Oyster’s Tim Buckler discusses NIST’s Privacy and Cybersecurity Frameworks, what firms should be doing, and how Oyster can help.
Technology has become a vital component of the financial world. Mitigating the risk of a breach, whether by cyber criminals or careless employees is critical to keeping your firm and your clients safe. Oyster can help your firm with both a Privacy Framework and a Cybersecurity Framework implementation. We can also assist with risk assessments, systems management, roles-based access management, physical and data security policies, vendor due diligence, disaster recovery and business continuity planning, prioritization and training. Oyster is the right partner to help you bridge the gap where business and technology meet, ensuring that you have the resources to understand the threats and the ability to protect yourself.
