{"id":9788,"date":"2022-03-07T12:41:28","date_gmt":"2022-03-07T17:41:28","guid":{"rendered":"https:\/\/rixtrema.com\/blog\/?p=9788"},"modified":"2022-03-07T12:41:33","modified_gmt":"2022-03-07T17:41:33","slug":"cybersecurity-under-strain-in-a-post-covid-world","status":"publish","type":"post","link":"https:\/\/rixtrema.com\/blog\/cybersecurity-under-strain-in-a-post-covid-world\/","title":{"rendered":"Cybersecurity under Strain in a Post-Covid World"},"content":{"rendered":"\n\n\n<div style=\"height:40px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<ul class=\"wp-block-list\"><li><strong><a href=\"#why-cybersecurity-has-become-a-major-concern\">Why Cybersecurity Has Become a Major Concern<\/a><\/strong><\/li><li><strong><a href=\"#common-weaknesses-in-a-firms-cybersecurity\">Common Weaknesses in a Firm\u2019s Cybersecurity<\/a><\/strong><\/li><li><strong><a href=\"#a-cybersecurity-plan\">A Cybersecurity Plan<\/a><\/strong><\/li><li><strong><a href=\"#Solutions\">Solutions<\/a><\/strong><\/li><\/ul>\n\n\n\n<div style=\"height:40px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h2><strong><a id=\"why-cybersecurity-has-become-a-major-concern\"><\/a>Why Cybersecurity Has Become a Major Concern<\/strong><\/h2>\n<p>\u00a0<\/p>\n<p>In recent months it has become quite clear that the work-from-home model, in the wake of Covid, is here to stay. Most organizations have moved to this model, either totally or partially.<\/p>\n<p>Never before have banks, broker-dealers, RIAs, insurance companies and hedge funds allowed such\u00a0<a href=\"https:\/\/www.investmentnews.com\/coronavirus-disruption-advisers-work-home-increasing-compliance-risks-189899\">large numbers of employees to work off-site.<\/a>\u00a0This sudden shift has produced not only an environment ripe for fraud and nefarious behavior, but it has increased the likelihood of\u00a0<a href=\"https:\/\/www.investmentnews.com\/broke-dealers-brace-for-cyberthreats-201403\">cybersecurity or compliance risks.<\/a><\/p>\n<p>As a result, many firms are now scrambling to enhance their policies and procedures for dealing with these challenges. To play catch up, they should focus on the three <a href=\"https:\/\/rixtrema.com\/blog\/cybersecurity-regulations\/\">most common weaknesses<\/a> \u2014 device security, software vulnerabilities and data privacy.<\/p>\n<p>\u00a0<\/p>\n<p><a href=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/1.jpg\" data-rel=\"lightbox-image-0\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-9789\" src=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/1.jpg\" alt=\"\" width=\"1120\" height=\"686\" srcset=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/1.jpg 1120w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/1-300x184.jpg 300w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/1-1024x627.jpg 1024w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/1-768x470.jpg 768w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/1-500x306.jpg 500w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/1-800x490.jpg 800w\" sizes=\"auto, (max-width: 1120px) 100vw, 1120px\" \/><\/a><\/p>\n<p>\u00a0<\/p>\n<h2><strong><a id=\"common-weaknesses-in-a-firms-cybersecurity\"><\/a>Common Weaknesses in a Firm\u2019s Cybersecurity<\/strong><\/h2>\n<p><strong>\u00a0Device Security<\/strong><\/p>\n<p>During the pandemic, firms have largely adopted a bring-your-own-device (BYOD) policy for workers. This approach undoubtedly saves money and solves many of the logistical hassles associated with getting company-purchased laptops and smartphones to everyone who needs them. But it becomes a problem when those devices are used to connect to corporate servers without being encrypted, backed up or armed with malware detection. One misstep by a single user and it\u2019s possible to give bad actors an access point to company assets.<\/p>\n<p>Company-owned laptops and devices acquired specifically for in-office usage may also lack sufficient remote work controls. These include the ability for company administrators to wipe devices instantly and remotely, block them from accessing servers, and track both the locations of all remote devices and the times when users access servers. All these features are deemed necessary for fear a worker decides to go rogue or a device goes missing.<\/p>\n<p>\u00a0<\/p>\n<p><strong>Software vulnerabilities<\/strong><\/p>\n<p>The main software-related cybersecurity risks stem from storing work files on unprotected drives, connecting to corporate servers from unsecured home Wi-Fi networks, or using unapproved collaboration and messaging applications. The best way to prevent these problems is to develop explicit usage policies that address which devices and applications are approved and which are not. As an extra step, install software that automatically limits access. This way, users cannot violate cybersecurity protocols, either intentionally or unintentionally.<\/p>\n<p>A remote work environment calls for cybersecurity platforms that test system vulnerabilities, detect server intrusions, remediate and update software, generate audit logs and enable administrators to implement hierarchical access rights. Operating without these tools all but invites trouble. In their absence, client data may fall into the wrong hands without financial firms learning about a breach until after it\u2019s too late. This is precisely why regulators such as<a href=\"https:\/\/www.investmentnews.com\/broker-dealers-should-stay-their-toes-coronavirus-finra-189685\">\u00a0the Financial Industry Regulatory Authority Inc.<\/a>\u00a0and the\u00a0<a href=\"https:\/\/www.investmentnews.com\/sec-highlights-compliance-risks-amplified-by-pandemic-196034\">Securities and Exchange Commission<\/a>\u00a0are scrutinizing firms\u2019 cybersecurity posture.<\/p>\n<p>\u00a0<\/p>\n<p><strong>Data Privacy<\/strong><\/p>\n<p>The typical confidentiality-related cybersecurity risks come from workers sharing devices with their children or spouses, exposing sensitive or confidential information to guests in their homes, responding to email scams or posting confidential data on the web or social channels. Good cybersecurity platforms conduct awareness training sessions for workers about these issues. The best ones automatically create playbooks in response to violations.\u00a0<\/p>\n<p>Of course, some worker violations will go undetected. For example, there may be no way to know for sure if someone is reviewing personal information about clients while a guest walks over and looks at the screen. That\u2019s why detailed, clear and, importantly, enforced policies and procedures are essential. This is the key to establishing cybersecurity best practices that become intertwined with a firm\u2019s culture.<\/p>\n<p>\u00a0<\/p>\n<p><a href=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/2.jpg\" data-rel=\"lightbox-image-1\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-9790\" src=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/2.jpg\" alt=\"\" width=\"1123\" height=\"698\" srcset=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/2.jpg 1123w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/2-300x186.jpg 300w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/2-1024x636.jpg 1024w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/2-768x477.jpg 768w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/2-500x311.jpg 500w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/2-800x497.jpg 800w\" sizes=\"auto, (max-width: 1123px) 100vw, 1123px\" \/><\/a><\/p>\n<p>\u00a0<\/p>\n<h2><strong><a id=\"a-cybersecurity-plan\"><\/a>A Cybersecurity Plan<\/strong><\/h2>\n<p>To avoid these common weaknesses companies should think of developing <a href=\"https:\/\/rixtrema.com\/blog\/asking-the-right-questions-when-it-comes-to-retirement-plan-cybersecurity\/\">a cybersecurity plan<\/a>. Cybercriminals are becoming bolder and more sophisticated in their efforts to hack into networks in search of personal information and ultimately, large sums of money. At the same time, technology has developed in a way that can enhance the capabilities of these bad actors. That\u2019s why now more than ever, it\u2019s important to have a comprehensive cybersecurity plan for your firm. There are certain tips for developing such a plan.<\/p>\n<p>More and more companies specializing in different fields, including advisory firms, are making major investments in technology related to cybersecurity nowadays.<\/p>\n<p>One of the primary focuses is to consolidate client data into a single internal system. When this data is already under the company\u2019s ownership, the management focuses on extending all of those ones and zeros into a data warehouse, creating direct feeds of information from different sources. A data warehouse creates an automated means of receiving data, rather than having it manually entered into a system.<\/p>\n<p>\u00a0<\/p>\n<p><a href=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3.jpg\" data-rel=\"lightbox-image-2\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-9791\" src=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3.jpg\" alt=\"\" width=\"1127\" height=\"805\" srcset=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3.jpg 1127w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3-300x214.jpg 300w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3-1024x731.jpg 1024w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3-768x549.jpg 768w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3-500x357.jpg 500w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3-800x571.jpg 800w\" sizes=\"auto, (max-width: 1127px) 100vw, 1127px\" \/><\/a><\/p>\n<p>\u00a0<\/p>\n<h2><strong><a id=\"Solutions\"><\/a>Solutions<\/strong><\/h2>\n<p>\u00a0<\/p>\n<p>None of these processes would be successful without proper planning, putting a multilayered cybersecurity plan in place to ensure all of this confidential data is protected. Companies need to put the following safety measures in place in order to give their clients peace of mind:<\/p>\n<ul>\n<li>Encryption:\u00a0Whether data is being transferred or is at rest, make sure it\u2019s being encrypted, or coded, to prevent unauthorized access. In addition, make sure the portals between your firm\u2019s systems and the systems of your outside partners are encrypted, as well.<\/li>\n<\/ul>\n<ul>\n<li>Multifactor authentication:\u00a0This measure can become the biggest line of defense when it comes to combating cyberattacks. Any system that has personal information cannot be accessed without the MFA, single sign-on approach. In essence, this removes virtually any ability for those outside of our network to access any of our portals.<\/li>\n<\/ul>\n<ul>\n<li>Employee awareness training:\u00a0Companies require their employees to undergo periodic digital awareness training to make sure they learn the best cybersecurity practices for protecting their data. The most common way for a cybercriminal to access a digital system is through a\u00a0<a href=\"https:\/\/www.investmentnews.com\/roaring-kitty-and-phishing-attacks-expose-cyber-headaches-for-ibds-204008\">phishing attempt,<\/a>\u00a0or sending an email claiming to be from a reputable company in an effort to get an employee to click a link and submit personal information. The company\u2019s goal should be to keep its team fully up to speed on the latest tactics and tricks cybercriminals are using, so they test the system and users with authentic-looking emails and false phishing attempts. They train users to check for identifiers, such as the full email address at the top of a message, to be sure the note they\u2019re receiving is legitimate.<\/li>\n<\/ul>\n<ul>\n<li>Network monitoring:\u00a0Similar to the way companies monitor their staff\u2019s interactions with fake phishing emails, their technology teams constantly track all of their systems, including physical computers and virtual desktops. Team members are also able to follow the movement of employees\u2019 files, keeping a log to monitor activity. If they notice a bad practice, like saving an email attachment locally to a computer, they ask the employee to remove the file and be sure they know how to save it properly.<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p><a href=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3-1.jpg\" data-rel=\"lightbox-image-3\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-9792\" src=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3-1.jpg\" alt=\"\" width=\"1131\" height=\"623\" srcset=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3-1.jpg 1131w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3-1-300x165.jpg 300w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3-1-1024x564.jpg 1024w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3-1-768x423.jpg 768w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3-1-500x275.jpg 500w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/3-1-800x441.jpg 800w\" sizes=\"auto, (max-width: 1131px) 100vw, 1131px\" \/><\/a><\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n<p><strong>Work with the Right Partners<\/strong><\/p>\n<p>It would be difficult to manage a complex network of technological systems without outside partners. Such partners can be consulting firms, which can advise the company through the development and the action phases of its comprehensive technology plan. Companies also need to cooperate with <a href=\"https:\/\/rixtrema.com\/blog\/8-steps-for-defined-contribution-plans-to-consider-in-2022\/\">providers of an IT support system<\/a> that serves as host cloud for their data. While choosing the right partners, you should make sure that they hold the same high standards for data protection and safety as you do.<\/p>\n<p>\u00a0<\/p>\n<p><strong>Continue Training and Learning<\/strong><\/p>\n<p>Companies try to do the most they can to stay ahead of the game when it comes to cybersecurity. It\u2019s important for any firm that\u2019s serious about investing and protecting their technology and data to continue training and educating their staff on best practices. Too often, someone can get into a bad habit that could result in<a href=\"https:\/\/www.investmentnews.com\/sec-fines-multiple-firms-for-cybersecurity-lapses-that-exposed-client-data-210900\">\u00a0their firm being vulnerable<\/a>\u00a0to a bad actor. Continued education and training is the best way to promote data safety and security, which are in the best interests of your firm and your clients.<\/p>\n<p><strong>Improve your Cybersecurity<\/strong><\/p>\n<p>Financial firms that have fallen behind on cybersecurity can struggle with getting started on the road to improvement. Fortunately, solutions exist to help organizations monitor and address their cybersecurity risk posture across multiple threat vectors.<\/p>\n<p>The era of remote work is apparently here to stay. Firms that delay ramping up cybersecurity protections do so at their own risk.<\/p>\n<p>\u00a0<\/p>\n<p><em>Cybersecurity is a lot to worry about already, so take the stress out of marketing, at least, with Larkspur Executive \u2013 <a href=\"https:\/\/rixtrema.com\/landings_larkspurexecutive\" target=\"_blank\" rel=\"noopener\"><strong>Book a Free Demo Today<\/strong><\/a>.<\/em><\/p>\n<p><a href=\"https:\/\/rixtrema.com\/landings_larkspurexecutive?source=blog070322\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-7794\" src=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2021\/04\/banner-LEXE-min-1.jpg\" alt=\"\" width=\"700\" height=\"256\" srcset=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2021\/04\/banner-LEXE-min-1.jpg 700w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2021\/04\/banner-LEXE-min-1-300x110.jpg 300w, https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2021\/04\/banner-LEXE-min-1-500x183.jpg 500w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/a><\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n\n\n\n<div style=\"height:40px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>In recent months it has become quite clear that the work-from-home model, in the wake of Covid, is here to stay. Most organizations have moved to this model, either totally or partially.<\/p>\n","protected":false},"author":25,"featured_media":9794,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[228,168],"tags":[7,12,172],"class_list":["post-9788","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-larkspur-executive","category-news","tag-financial-advisor","tag-financial-advisors","tag-retirement-plan-advisors"],"jetpack_featured_media_url":"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/Cybersecurity-under-Strain-in-a-Post-Covid-World-1.jpg","yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v15.9.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Cybersecurity under Strain in a Post-Covid World<\/title>\n<meta name=\"description\" content=\"In recent months it has become quite clear that the work-from-home model, in the wake of Covid, is here to stay. Most organizations have moved to this model, either totally or partially.\" \/>\n<link rel=\"canonical\" href=\"https:\/\/rixtrema.com\/blog\/cybersecurity-under-strain-in-a-post-covid-world\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cybersecurity under Strain in a Post-Covid World\" \/>\n<meta property=\"og:description\" content=\"In recent months it has become quite clear that the work-from-home model, in the wake of Covid, is here to stay. Most organizations have moved to this model, either totally or partially.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/rixtrema.com\/blog\/cybersecurity-under-strain-in-a-post-covid-world\/\" \/>\n<meta property=\"og:site_name\" content=\"RiXtrema.com\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/LarkspurRiXtrema\/\" \/>\n<meta property=\"article:published_time\" content=\"2022-03-07T17:41:28+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-03-07T17:41:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/rixtrema.com\/blog\/wp-content\/uploads\/2022\/03\/Cybersecurity-under-Strain-in-a-Post-Covid-World-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1800\" \/>\n\t<meta property=\"og:image:height\" content=\"1029\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@RiXtrema\" \/>\n<meta name=\"twitter:site\" content=\"@RiXtrema\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\">\n\t<meta name=\"twitter:data1\" content=\"8 minutes\">\n<!-- \/ Yoast SEO Premium plugin. -->","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/rixtrema.com\/blog\/wp-json\/wp\/v2\/posts\/9788","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rixtrema.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rixtrema.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rixtrema.com\/blog\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/rixtrema.com\/blog\/wp-json\/wp\/v2\/comments?post=9788"}],"version-history":[{"count":2,"href":"https:\/\/rixtrema.com\/blog\/wp-json\/wp\/v2\/posts\/9788\/revisions"}],"predecessor-version":[{"id":9796,"href":"https:\/\/rixtrema.com\/blog\/wp-json\/wp\/v2\/posts\/9788\/revisions\/9796"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/rixtrema.com\/blog\/wp-json\/wp\/v2\/media\/9794"}],"wp:attachment":[{"href":"https:\/\/rixtrema.com\/blog\/wp-json\/wp\/v2\/media?parent=9788"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rixtrema.com\/blog\/wp-json\/wp\/v2\/categories?post=9788"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rixtrema.com\/blog\/wp-json\/wp\/v2\/tags?post=9788"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}