Data Breach Prevention and Response

According to the Investment Firm of the Future, a report published by CFA Institute earlier this year, 24% of the organization’s members rated cybersecurity as their firm’s top technology priority.

With the myriad challenges facing investment professionals in 2018, that’s a striking number.

What to do? E.J. Yerzak, Director of Cyber IT Services for Ascendant Compliance Management, a CSS Company, and Shield, a CSS solution, recently sat down with CFA Institute to discuss planning, protocols, prioritization and more.

A short excerpt:

“It’s one thing to have a documented plan on paper. Until you put it to the test with war games or tabletop exercises, you may not realize that there are some unforeseen situations that may arise.

War-gaming your incident response plan can do wonders for assessing how reasonable it is. Again, you can’t anticipate everything under the sun, but have you anticipated all likely scenarios?

When you start putting the incident response plan to the test . . . someone at the table may say, “Hey, what about this system over here? Our series of five steps here didn’t anticipate that we need to pull backups from system A, and that system A can’t talk to system B unless we’ve done steps one, two, and three over here.” Things like that are important to try to work through in advance.”

You can read the informative interview, “Cybersecurity: The Barbarians are at the Gate,” by clicking here.


For more information on our cybersecurity solution Shield, click here.

Related Content

Latest Content

Placing Ethics and Compliance in the Foreground of Business Decision-Making

Thinking about how to make ethics and compliance part of a business’s decision-making can prove to be challenging. By nature, compliance professionals are often results-oriented, focusing on a binary end-result; either you are in compliance, or you are not. That focus is important, but emphasizing process is also vital, John Walsh, Partner at Eversheds Sutherland … Continued

What Am I Looking At? Making Sense of Your Cyber Testing Reports

It’s no surprise that Compliance and IT do not speak the same language. Compliance staff often speak in terms of regulations and policies, whereas bits and bytes are the language of IT staff. This distinction is clear when it comes to cybersecurity risk management, as the compliance and IT audiences are looking for different takeaways … Continued

It Takes a Village – Preparing for a Regulatory Exam

Advanced planning for a regulatory exam remains a vital step in ensuring the compliance team is prepared when the exam teams comes knocking. At the recent Ascendant/CSS fall conference in San Diego, Allison Fraser moderated the conference’s capstone session on the topic, joined by Bryan Bennett, the Associate Regional Director in the examination program in … Continued

The ‘Next Frontier’ in Investment Advice

We live in a world filled with dramatic change on a scale we’ve never seen before. The speed and magnitude of change in so many areas is fueled by technology. The sheer number of processes and functions we’re able to address simply from our phones has upended so many different industries, including travel, entertainment, and … Continued

Mailing List

Subscribe to the Ascendant Compliance email list for the latest compliance resources, conferences, ComplianceCasts™, and more.

Loading form...

Contact Us

Ascendant works together with clients to identify and assess critical needs through customized plans. If you need assistance with compliance functions, regulatory services, cybersecurity or technology tools, we’d love to speak with you.