Cybersecurity: Ransomware Alert

  • Source:

Treliant Takeaway:

The Office of Compliance Inspections and Examinations (OCIE) is committed to working with financial services market participants, federal, state and local authorities, and others, to monitor cybersecurity developments, improve operational resiliency, and effectively respond to cyber threats. On July 10th the OCIE released this Risk Alert “CYBERSECURITY: RANSOMWARE ALERT” for their SEC registrants.

OCIE has observed an apparent increase in sophistication of ransomware attacks on SEC registrants, which include broker-dealers, investment advisers, and investment companies.

Treliant helps firms be compliant with SEC Cybersecurity requirements and other regulatory cyber guidance and expectations. Our professionals include but are not limited to former Chief Information Security Officers (“CISO”) and Internal Auditors.  We understand how to make cybersecurity programs work and to prepare for regulatory exams.

Article Highlights:

As firms deal with the COVID-19 pandemic to continue operations, the OCIE is reminding covered entities that there is heightened cybersecurity risks related to Ransomware.

The OCIE has seen where registrants are utilizing the following measures against Ransomware attacks:

  1. Incident response and resiliency policies, procedures and plans: Assessing, testing, and periodically updating incident response and resiliency policies and procedures, such as contingency and disaster recovery plans.
  2. Operational resiliency: Determining which systems and processes are capable of being restored during a disruption so that business services can continue to be delivered
  3. Awareness and training programs: Providing specific cybersecurity and resiliency training, and considering undertaking phishing exercises to help employees identify phishing emails.
  4. Vulnerability scanning and patch management: Implementing proactive vulnerability and patch management programs that are conducted frequently and consistently and take into consideration current risks to the technology environment.
  5. Access management: Managing user access through systems and procedures
  6. Perimeter security: Implementing perimeter security capabilities that are able to control, monitor, and inspect all incoming and outgoing network traffic to prevent unauthorized or harmful traffic.

CISOs and their teams need to have these implemented measures already in place to ensure the secure operations of their firms’ businesses. CISOs will need to demonstrate cybersecurity compliance and be ready for a thorough look at the underlying processes by the regulators.