Data Breach Prevention and Response

According to the Investment Firm of the Future, a report published by CFA Institute earlier this year, 24% of the organization’s members rated cybersecurity as their firm’s top technology priority.

With the myriad challenges facing investment professionals in 2018, that’s a striking number.

What to do? E.J. Yerzak, Director of Cyber IT Services for Ascendant Compliance Management, a CSS Company, and Shield, a CSS solution, recently sat down with CFA Institute to discuss planning, protocols, prioritization and more.

A short excerpt:

“It’s one thing to have a documented plan on paper. Until you put it to the test with war games or tabletop exercises, you may not realize that there are some unforeseen situations that may arise.

War-gaming your incident response plan can do wonders for assessing how reasonable it is. Again, you can’t anticipate everything under the sun, but have you anticipated all likely scenarios?

When you start putting the incident response plan to the test . . . someone at the table may say, “Hey, what about this system over here? Our series of five steps here didn’t anticipate that we need to pull backups from system A, and that system A can’t talk to system B unless we’ve done steps one, two, and three over here.” Things like that are important to try to work through in advance.”

You can read the informative interview, “Cybersecurity: The Barbarians are at the Gate,” by clicking here.


For more information on our cybersecurity solution Shield, click here.

Related Content

Latest Content

Coming to America – California Adopts GDPR-Like Privacy Regulation

After a number of firms struggled last year to get their marketing and information systems into compliance with the EU’s General Data Protection Regulation (GDPR), advisers to U.S. clients will soon be facing similar requirements on the home front.  On the heels of the Cambridge Analytica scandal, California enacted the California Consumer Privacy Act of … Continued

SEC and FINRA 2019 Examination Priorities

The SEC and FINRA have recently released their examination priorities for 2019. These releases provide insight into regulatory priorities and serve as guidance for a firm in evaluating its compliance program. We will discuss topics covered in these releases, including: Protecting retail investors Fees and expenses Disclosure Conflicts of interest Suitability Protecting senior investors Trading … Continued

SEC Reopened After 35-Day Government Shutdown

SEC Chairman Jay Clayton announced on Saturday, January 26 that with an agreement reached to end the government shutdown, the “Commission has resumed normal staffing levels and is returning to normal operations.” In total, about 94% of the commission’s approximately 4,400 employees had been furloughed during the 35-day shutdown, according to its operations plan. In a … Continued

FINRA Rolls Out New Central Registration Depository Functionality; Annual Verification Deadline Nears

FINRA first introduced enhancements to the Central Registration Depository (“CRD”) on October 1, 2018, which were rolled out in support of FINRA’s restructured qualification examination program as well as the adoption of consolidated FINRA registration rules. The new enhancements were intended to also more easily assist member firms with satisfying their reporting and compliance obligations. … Continued

SEC’s Latest Risk Alert Focuses on Electronic Communications

The SEC’s most recent risk alert, “Observations from Investment Adviser Examinations Relating to Electronic Messaging,” issued on December 14, 2019, focuses on the use and maintenance of electronic communications for business purposes. The purpose of the alert is to remind advisers of their obligations related to personal use of electronic messaging and the requirements for … Continued

Mailing List

Subscribe to the Ascendant Compliance email list for the latest compliance resources, conferences, ComplianceCasts™, and more.

Loading form...

Contact Us

Ascendant works together with clients to identify and assess critical needs through customized plans. If you need assistance with compliance functions, regulatory services, cybersecurity or technology tools, we’d love to speak with you.