Powered by MOMENTUM MEDIA
moneymanagement logo
 
 

How financial advisers can prevent cyber breaches

cyber/breach/law/cybersecurity/

21 November 2022
| By Jasmine Siljic |
image
image image
expand image

A specialist cybersecurity lawyer has shared six tips for advisers to mitigate the risk of attacks, following evolving updates from the Optus and Medibank data breaches.  

Katherine Jones, partner at Colin Biggers and Paisley Lawyers, had managed over 500 cyber breaches during her litigation career in handling cybercrime and fraud.

In partnership with the Association of Financial Advisers (AFA), Jones discussed how firms could be proactive against cyber crime and what to do in the event of a breach. 

Financial advisers fell under the category of 'critical infrastructure', according to the Australian Cyber Security Centre. Past cases of cyber crime demonstrated these types of organisations, alongside government bodies, were at a higher risk of online breaches. 

With cyber attacks costing Australians close to $29 billion each year and 75% of cyber crimes resulting in a loss of funds or data, the partner reiterated the importance of having adequate risk management. 

She examined four common types of cyber breaches:

  • Malware, which is designed to cause harm to computer systems. This included trojans, worms, spyware and ransomware;
  • Phishing, when a cyber criminal sends out fake emails to steal the login details of an employee. For phishing to be successful, it needed to come from someone that you would expect to receive an email from;
  • Stolen details, evident in both the latest Medibank and Optus data breaches. This occured when an individual’s credentials were compromised, which made up 19% of all cyber breaches; and 
  • Business email compromise, which Jones described as “the most upsetting” form of breach. This targeted an employee’s email and left them vulnerable to surveillance, particularly those making authorised payments who were at a higher risk.

The Colin Biggers and Paisley partner identified six ways financial advisers could manage their risk and questions they should ask:

People and staff:

  • How adequately are your employees trained?
  • Are there email simulations internally?
  • Do your employees know who to contact if they receive something suspicious?
  • Is there a culture of calling to verify details internally?
  • Jones advised financial advisers to change their passwords monthly to mitigate the risk of a cyber threat.

Secure network:

  • How up-to-date are the systems that you are running?
  • How does your organisation store back-ups?
  • Do you use an external company for penetration testing?
  • Use multi-factor authentication on automatic logins.
  • Cloud-based software will increase your chance of a breach by 45%.

Payments:

  • Who is authorised to make large payments?
  • Do you call to verify payments?
  • Jones advised the advantages of outsourcing and processing payments through a third-party to increase security.

Insurance:

  • Do you need insurance and what does it cover?

Email risk:

  • Phishing simulations enable employees to suspect strange emails.
  • Frequent password changes additionally prevents the threat of stolen credentials. 

Cyber event:

  • What is your plan if a cyber event were to occur? 
  • Is there an escalation process and policy to prevent paying ransoms?
Read more about:

AUTHOR

Recommended for you

sub-bgsidebar subscription

Never miss the latest news and developments in wealth management industry

MARKET INSIGHTS

Significant ethical issues there. If a relationship is in the process of breaking down then both parties are likely to b...

2 weeks 3 days ago

It's not licensees not putting them on, it's small businesses (that are licensed) that cannot afford to put them on. The...

3 weeks 3 days ago

So we are now underwriting criminal scams?...

6 months 4 weeks ago

After last month’s surprise hold, the Reserve Bank of Australia has announced its latest interest rate decision....

2 weeks 5 days ago

WT Financial’s Keith Cullen is eager for its Hubco initiative to see advice firms under its licence trade at multiples which are catching up to those UK and US financial ...

3 weeks 2 days ago

While the profession continues to see consolidation at the top, Adviser Ratings has compared the business models of Insignia and Entireti and how they are shaping the pro...

4 days 16 hours ago

TOP PERFORMING FUNDS

ACS FIXED INT - AUSTRALIA/GLOBAL BOND
Fund name
3y(%)pa
1
DomaCom DFS Mortgage
74.26 3 y p.a(%)
3