Desktop version

Home arrow Sociology arrow The socially savvy advisor

What Cybersecurity Mistakes Should Advisors Avoid?

We've all heard the story of Target, in which 40 million retail customers had their credit card and personal information compromised. And we know how easy it is for bad actors to lie their way through in the offline world. Bernie Madoff made that clear.

Whether it's the Target data breach, concern over Facebook's privacy settings, or the growing trend of financial firms to move customers online, all are raising concerns about the protection of personal data.

Indeed, cybersecurity has become a buzzword, and it's serious business in financial services.

“Levels of cyber-risk that might be fine if you're selling dish soap can create enormous headaches for the financial services sector,” says Ed McNicholas, partner at Sidley Austin and co-leader of the law firm's privacy, data security, and information law practice.

The term cybersecurity has been in our lexicon since the 1990s.[1] As advisors and firms move to social channels, mobile devices, and iPads as a key method of handling all communications, security takes on a whole new level of importance.


Cybercrime is the illegal collection or use of data for financial gain. Data provides access to bank, credit card, and other financial account information that can be re-sold or used for identity theft purposes. I'm reminded of my friend Mary Anne, whose entire identity – including her Social Security number – was stolen and used to charge purchases to her accounts and access funds in her bank.

For other criminals, it might just be an attention-getting move to demonstrate one's powerful hacking skills. These are called hacktivists, doing it either to disrupt a business or to audition for some greater crime in which they can participate.

“Originally they attacked through e-mail and networks directly,” says Blane Warrene, a technology expert and co-founder of the social media archiving service Arkovi. “But, now with so many digital channels, being able to insert malware quietly offers them opportunities to create, in essence, a tunnel to ferret out this data.”

And it's not just data at risk. How about your brand? That's right. A wave of attacks can disrupt your business and tarnish your brand publicly. “These can be very costly incidents as well,” Warrene notes.

We've seen many cases of social engineering to compromise individuals and firms. The clearest explanation for how social engineering works is to read the story of Mat Honan, a technologist and Wired writer.[2]

“The very four digits that Amazon considers unimportant enough to display in the clear on the Web are precisely the same ones that Apple considers secure enough to perform identity verification,” Honan writes.

Honan admits that the security failures that plagued him were his own fault.

Had he just taken a few basic steps – from using two-factor authentication to backing up his computer, he wouldn't have lost his entire digital life – from his kid's photos to e-mails.

PricewaterhouseCoopers found that the industry is spending 50 percent more in 2014 on cybersecurity.[3] Likewise, Deloitte estimates that U.S.

financial services firms lost on average $23.6 million from cybersecurity breaches in 2013 – the highest average loss across all industries the consulting firm tracks.[4]

  • [1] Cybersecurity – definition and first mention, Merriam-Webster.
  • [2] Mat Honan, “How Apple and Amazon Security Flaws Led to My Epic Hacking,” Wired, August 6, 2012,
  • [3] “PwC's 6th Annual Digital IQ Survey,” PricewaterhouseCoopers, 2014, Accessed June 8, 2014.
  • [4] “Transforming Cybersecurity – New Approaches for an Evolving Threat Landscape,” Deloitte, February 11, 2014.
Found a mistake? Please highlight the word and press Shift + Enter  
< Prev   CONTENTS   Next >

Related topics