Professional Advisers Association (PAA) CEO Rod Severn is warning advisers to review their cyber security and says there are a range of things they can do to lower their chances of a breach to their security systems.
“Cyber security was something that people just spoke about and now it’s real,” Severn told NZ Adviser.
“It’s real right across the board and certainly financial advisers are liable for attacks because they control so much information – financial information, client data, bank account numbers and personal data kept on mobile phones and laptops, any of which can be hacked or lost at any given time.”
Severn's alert comes after a new report, PwC’s New Zealand insights of the annual Global State of Information Security Survey, revealed confidence in cyber security among NZ organisations has dropped from 83% to 65% in the past year.
Significant issues were identified about 90 per cent of the time during breach assessments made in New Zealand, PwC Cyber Practice Leader Adrian van Hest said.
Severn says appropriate cyber cover should be present as part of all advisers’ business processes but that it is equally important to be educate your staff, have internet management and know what to do if a breach does occur.
“It is more around how these things happen, why they happen and what you can do to stop that happening in the future. Start using passwords regularly that are hard to break. Create good network security by having both external and internal parameters that are multi layered boundaries around passwords and accessing your network, so even if it is breached you can’t access what is important because there are multi layers to get into it.”
He encourages advisers to have decent malware protection on laptops and systems, back up important data daily and limit the use of removable media in day to day business, such as thumb drives.
“It is scary how many people don’t have any level of protection on their devices. But it’s a matter of doing everything you can to defend your own data - then you’ll go a fair way to stopping it if you’re conscious of it and aware of what you can do.”
“The organisations that want to maintain trust and stay competitive are those using a targeted information security approach,” said PwC’s van Hest.
“There is no magic bullet for effective cyber security. It’s a journey towards a culture of security, not a solution in and of itself. It is a path that starts with the right mix of technologies, processes and people skills,” van Hest said.