Are you prepared for a cyber attack?

While most financial advisors recognize cyber security risks, few have braced themselves against a breach

The barbarians are at the gate, but it seems the soldiers haven’t even left the barracks.

That’s the basic takeaway from a Financial IQ report. Citing data released by the Financial Planning Association, it explains that even though cyber security is a top-of-mind issue for most advisors, few are actually prepared to deal with it.

A TD Ameritrade Institutional-sponsored survey of 1,015 financial advisors, most of whom are RIAs, was conducted from June to July. It found that only 29% feel adequately prepared to manage and mitigate such risks, and only 26% feel completely confident they can handle and mitigate the risks.

There is apparently still a wide disconnect between acknowledgment and understanding. Eighty-one per cent of advisors put cyber security high on their priority list, but only 44% of the respondents feel confident in their understanding of the issues and risks involved, and 36% feel they and their teams fully grasp the scope of cyber threats.

The survey also found a substantial gap between planning and action. While 82% of respondents say that cyber security is something they’re actively trying or planning to deal with, just 26% are fully aware of the requirements from the SEC’s Office of Compliance Inspections and Examinations. What’s more, only 18% are confident of passing if the OCIE decided to administer a cyber security sweep today.

Applying the classic “put your money where your mouth is” litmus test also yielded telling results. Half of the respondents spent less than $10,000 over the past year on outside help to implement cybersecurity-related procedures and policies, and 23% haven’t spared a dime towards such external help. Internally, the ones who have spent less than $5,000 amounted to 65%.

Most advisors say they are focused on policies, procedures, governance, and risk assessment with regards to cyber security, but 40% of respondents have no plans whatsoever to address vendor management. Furthermore, 39% do not have plans to reinforce access rights.

Related stories:
Clients the biggest cyber threat facing investing firms
Financial advisors face cyber security threat