When it comes to a cyber breach, it’s a matter of “when” not “if.”
If you’re a wealth-management firm, you will be attacked. That’s a given. After all, you hold what most cybercriminals want: the most sensitive and personal details of the wealthiest people in America. Those attacks are persistent, pervasive and not easy to detect. Scariest of all, there’s a strong likelihood that your firm is already under some form of attack.
That raises the odds that one attack will lead to a successful breach.
All cyberattacks are bad, but ones that affect financial intermediaries have the potential to ruin an advisor’s practice. Competition for clients is fierce, and a good client relationship is built on protection and trust – two feelings that can disappear immediately when data is breached. Clients, and their assets, will walk if they don’t feel safe.
That is why having a plan in place to handle the communications around this crisis is vital. In fact, every wealth manager needs to have a separate crisis plan to deal with the potential of a cyber breach.
Understanding of State Laws.
Traditionally, most advisors are concerned with federal regulations, but there is no over-arching federal law covering a data-breach response. Instead, 48 states (with the exception of Alabama and South Dakota) have laws that govern your communications in the event of a breach. Each state defines what types of data are covered by the laws, what constitutes personal information and what you are required to disclose. Understanding your home state’s requirements, and those of your clients, is important, so it is vital you engage a law firm that knows breach-disclosure laws and can help guide the communications plan.
Client-Centered Communications Plan.
The way to maintain your clients’ trust is to be forthright with them. That means ensuring you have a plan in place to be the first person to notify them of the breach. Too often, news of a cyber breach at most companies is delivered through the media. Given the depth of your relationship with your clients, and the importance of maintaining their trust, you have to have a plan to reach out to them in the quickest and most efficient way.
In addition to the public relations and law firms you need to retain to help develop your crisis response, your cyber team needs to include two other groups of professionals: a cybersecurity firm to assess and monitor your ongoing security (after all, the best way to deal with a crisis is to avoid one in the first place), and your accounting firm (preferably with forensic specialties) to support your response. Forensic accounting professionals can manage document control, data preservation and recovery, and analysis. Your communications team should seek feedback from all the firms helping you when crafting your plan.