As a financial lifeguard, security is always on our minds. That – and some shocking facts about the threat of data breaches and identity theft – is why we routinely have cyber security audits done.
This might not be something that comes to mind when you think of financial advisors. But it should.
Here are eight reasons why cyber security is an essential part of the wealth management conversation.
1. There were over 53,000 cyber security incidents worldwide in 2018.
Of those, 2,216 were confirmed data breaches according to Verizon’s annual report on data breaches. You might think that many of those were political hacks, like the Russian hack of the Democratic National Committee in 2016. But the majority by far – 76% – were financially motivated.
2. It only takes 16 minutes until someone in your organization gives away the farm.
Phishing is the attempt to lure individuals into providing sensitive data, such as passwords, often by email or text message. Most people will delete these messages. They may not even see these emails if they go to a spam folder. But 4% will fall for it. On average, it takes 16 minutes for someone to take the bait, but 28 minutes for someone to report it to the IT department.
3. Ransomware is more prevalent than ever.
Ransomware is malware – that is, a program that intends to do you harm – that doesn’t need to access your data to be effective. It only has to lock it up so you can’t access it until you pay the criminal to release it. Verizon started seeing ransomware in 2013. By 2018, it represented 39% of all malware cases.
4. $16.8 billion was stolen from data breaches in 2017.
Theft of personal information, a.k.a. identity theft is not a haphazard occurrence. It has become a thriving industry. Lifeguard Wealth clients are often high net worth individuals with a net worth of $15M or more. This group has been found to be at especially high risk of cyber attacks. Robust cyber security is the only way we can deter criminals and protect our clients’ financial futures.
5. You are not less vulnerable than your larger competitors.
Cyber criminals are less sophisticated than you think. They are more often opportunistic, looking for the easiest mark. That means they’re going to target your business, not your more profitable competitor if you have less robust cyber security measures in place.
6. 28% of attacks in 2018 involved insiders.
The threat doesn’t only come from outside your organization. Verizon’s data shows that over a quarter of cyber attacks in 2018 involved insiders. Cyber security involves measures that keep the most sensitive information in the hands of a select, trusted few.
7. The personal data of 145 million consumers remain exposed.
It’s that time again – to remind you that while it’s been two years since the devastating Equifax breach that compromised the personal data of half the country, that data is still out there. We shared action steps to take in 2017. We reminded you again to freeze your credit in 2018. The threat remains. Go back and read our recommendations, or at least see the action steps below.
8. One in five people in the U.S. has been the victim of identity theft.
If you want proof that the threat is real, here it is. Gather any five Americans. Chances are one of them has already been a victim of identity theft. Is there any logical reason to think you’re an exception if you haven’t taken the necessary steps to protect yourself?
WHAT YOU CAN DO
Alex Rayter, with IT firm Phoenix 2.0, did our most recent cyber security audit. We’re happy to report that, while there were a few areas where we could improve, Alex found our existing security measures to be excellent overall.
Hiring someone like Alex to audit your business is one of the best investments you could ever make. Also, as a high net worth individual, you should follow his six recommendations to keep your personal and business information safe:
Use strong, unique passwords for all online financial applications, personal and work email, and the social media sites you use most often. We recommend investing in a password management system like LastPass or Dashline.
Turn on multi-factor authentication for access to all your critical assets, including, but not limited to, all of the above. Essentially, this means adding an additional step to access personal information.
Use Endpoint Protection utilities (software) on all your devices. This is the new generation of anti-virus software that protects you from the most advanced forms of malware.
Use device encryption (inaccessible by anyone but you) and device management (allowing you to make your device in accessible remotely) utilities on your phone and laptop to prevent unauthorized access in case you lose your device.
Have commercial and personal cyber and fraud liability coverage.
Learn how to spot phishing scams. Alex included a couple of quizzes you can take to test your knowledge in this article on cyber security, which he has recently updated.
BE ON GUARD
For our audit, Alex looked at everything from who had access to what – including physical documents – to whether our applications, devices, rules, and procedures were all secure. We’re pleased to share that, for the most part, we were already on solid footing.How do you think your business and personal data would hold up to scrutiny? If you’re not sure, talk to us. Learn more about how cyber security audits are an essential part of guarding your financial future.