Stats reveal financial industry exposure to cyber-attacks
It’s not surprising that those who seek to commit fraud target those in the financial services sector, but a new report shows the proliferation of cyber attacks on the industry.
Figures from the Canadian Securities Administrators’ staff released Thursday show that around 51% of registered firms suffered a cyber incident in 2016.
Of those who were targeted, phishing was the prevalent method (43%) followed by malware (18%) and using email to try to impersonate a client requesting a transfer of assets (15%).
The data is based on a survey of 1,000 registered firms including financial advisors, securities traders and fund managers (63% responded).
The report highlights a weakness among some firms in implementing cyber security policies; only 57% have specific policies and procedures and only 56% have staff training regarding cyber security.
“Preparation is key to mitigating cyber security threats,” said Louis Morisset, CSA Chair and President and CEO of the Autorité des marchés financiers. “We encourage all firms to perform comprehensive risk assessments, and evaluate the strength of existing policies, employee training programs and response plans as they relate to vulnerabilities in these areas.”
The CSA recommends comprehensive training for staff and these can be found on the websites of the provincial securities regulators. They include matters such as safely handling email communications, the use of effective passwords and how to handle threats when they are detected.
Figures from the Canadian Securities Administrators’ staff released Thursday show that around 51% of registered firms suffered a cyber incident in 2016.
Of those who were targeted, phishing was the prevalent method (43%) followed by malware (18%) and using email to try to impersonate a client requesting a transfer of assets (15%).
The data is based on a survey of 1,000 registered firms including financial advisors, securities traders and fund managers (63% responded).
The report highlights a weakness among some firms in implementing cyber security policies; only 57% have specific policies and procedures and only 56% have staff training regarding cyber security.
“Preparation is key to mitigating cyber security threats,” said Louis Morisset, CSA Chair and President and CEO of the Autorité des marchés financiers. “We encourage all firms to perform comprehensive risk assessments, and evaluate the strength of existing policies, employee training programs and response plans as they relate to vulnerabilities in these areas.”
The CSA recommends comprehensive training for staff and these can be found on the websites of the provincial securities regulators. They include matters such as safely handling email communications, the use of effective passwords and how to handle threats when they are detected.
