Trusted client relationships target for hackers in advice firms
With the financial services industry being 300 times more likely to experience a cyber attack, financial advice firms are urged to consider the volume of client information they hold and how it can be safeguarded.
Fraser Jack, founder of the Cyber Collective, recently spoke at the Institute of Managed Account Professionals (IMAP) Virtual InvestTech conference.
In order for advice practices to implement cyber security measures, Jack said they needed to re-evaluate how cyber criminals attacked advice models.
“What underpins the advice relationship is ‘trust’. The client is trusting you with their personal and private information,” Jack said.
Hackers would look to infiltrate this relationship by pretending to be the client or the adviser.
Therefore, he recommended advisers have discussions with clients regarding how they feel about the firm holding their sensitive information.
“Consumers expect their data to be stored safely and securely, and when a breach happens, they want to know about it quickly,” Jack continued.
Adding in extra security steps, such as introducing a multi-factor authentication (MFA) system or using a password manager, could make clients feel more confident in their adviser.
“Clients are hearing a lot in the media about cyber breaches and are likely to be fearful about the possibility of their identities and personal information being stolen. Clients are justifiably nervous.
“It’s important for advisers to get on the front foot and educate their clients about the cyber security in place to protect their data.”
Moreover, Jack shared that about 80% of cyber issues were related to variable risks. These were the result of human communication errors between advisers and clients through emails, phone calls, or text messages.
To mitigate these vulnerabilities from being attacked, the cyber professional urged for employees to receive ongoing training and awareness with cyber security.
“Cyber security is definitely a team sport. My advice for practices is to have a cyber champion in your business. Run cyber drills, and ensure that everybody within the business knows who to contact regarding cyber security.”
In addition, conducting regular vulnerability testing and audits of technology systems, such as phishing emails, were highly encouraged.
Earlier this week, super fund NGS Super announced it had been vulnerable to a cyber attack but no super savings had been affected.
AUTHOR
Jasmine Siljic
Recommended for you
As artificial intelligence becomes increasingly commonplace in Australia’s financial services sector, over half of workers fear it poses a threat to their job security, the FSU has unearthed.
Financial services firm Link Wealth has purchased a majority stake in a Hobart-based advice business, its latest move as it makes a strategic expansion across the country.
The Financial Services and Credit Panel has cancelled the registration of an NSW adviser for two years as it felt he displayed a ‘level of incompetence’ in providing advice to his clients.
Industry bodies have welcomed a government announcement that it will reform the education standards for financial advisers by opening up the number of approved degrees that students can undertake.
