Trusted client relationships target for hackers in advice firms
With the financial services industry being 300 times more likely to experience a cyber attack, financial advice firms are urged to consider the volume of client information they hold and how it can be safeguarded.
Fraser Jack, founder of the Cyber Collective, recently spoke at the Institute of Managed Account Professionals (IMAP) Virtual InvestTech conference.
In order for advice practices to implement cyber security measures, Jack said they needed to re-evaluate how cyber criminals attacked advice models.
“What underpins the advice relationship is ‘trust’. The client is trusting you with their personal and private information,” Jack said.
Hackers would look to infiltrate this relationship by pretending to be the client or the adviser.
Therefore, he recommended advisers have discussions with clients regarding how they feel about the firm holding their sensitive information.
“Consumers expect their data to be stored safely and securely, and when a breach happens, they want to know about it quickly,” Jack continued.
Adding in extra security steps, such as introducing a multi-factor authentication (MFA) system or using a password manager, could make clients feel more confident in their adviser.
“Clients are hearing a lot in the media about cyber breaches and are likely to be fearful about the possibility of their identities and personal information being stolen. Clients are justifiably nervous.
“It’s important for advisers to get on the front foot and educate their clients about the cyber security in place to protect their data.”
Moreover, Jack shared that about 80% of cyber issues were related to variable risks. These were the result of human communication errors between advisers and clients through emails, phone calls, or text messages.
To mitigate these vulnerabilities from being attacked, the cyber professional urged for employees to receive ongoing training and awareness with cyber security.
“Cyber security is definitely a team sport. My advice for practices is to have a cyber champion in your business. Run cyber drills, and ensure that everybody within the business knows who to contact regarding cyber security.”
In addition, conducting regular vulnerability testing and audits of technology systems, such as phishing emails, were highly encouraged.
Earlier this week, super fund NGS Super announced it had been vulnerable to a cyber attack but no super savings had been affected.
AUTHOR
Jasmine Siljic
Recommended for you
A relevant provider has received a written direction from the Financial Services and Credit Panel after a superannuation rollover resulted in tax bill of over $200,000 for a client.
Estimates for the calendar year 2024 put the advice industry on track for a loss in adviser numbers as exits offset gains from new entrants.
Adviser Ratings shares five ways that financial advice changed in 2024 with an optimistic outlook for 2025, thanks to the Delivering Better Financial Outcomes legislation.
National advice firm Invest Blue has announced several acquisitions, including the purchase of an estate planning and wealth protection business Lambert Group.
