FINRA’s Post

Important for firms dealing with the outage but also to note criminals posing as Crowdstrike employees for further victimization. A good fraud scheme works because there is a kernel of fact within it. Never underestimate the creativity of the adversary and willingness to take advantage of any situation. That’s why diligence and preparedness is important and why good cyber security requires both process and technology.

Virtual Event with AWS - May 21st - Attendees will also qualify for CPE credits! Overview https://lnkd.in/g2_k3CcP Register https://lnkd.in/g6QZeTWJ May 21st we’ll spend the day delving into new attack intelligence, technologies like AI that are disrupting the threat landscape, macro influences on SOC teams, MDR services to build cyber resilience, and more. You’ll get clear guidance to zero in on threats and proactively prevent breaches.

In this webinar, we will discuss some key components of operational and cyber resilience regulations and the techniques and technologies needed to address the new requirements https://bit.ly/3sJLh3y

Get ready for a deep dive into the world of financial cybersecurity with Jason Harrell, CISM, Managing Director at DTCC. 🌐💼 In an exclusive interview, he reveals the critical cyber threats keeping the financial sector on its toes. Explore the innovative collaborative strategies discussed at GovWare 2023, offering a glimpse into the future of cybersecurity in finance. 🎙️💡 Don't miss this insider perspective—unlock the secrets of the financial cybersecurity landscape! Read more: https://bit.ly/3QFfmJH #Cybersecurity #FinanceInsights #ExclusiveInterview #GovWare2023 #CybersecAsia

Industry Spotlight: Financial Sector In our Industry Spotlight Series, we aim to understand the nuanced cybersecurity challenges faced by different sectors. Our first spotlight will be on the Financial Sector, where safeguarding transactions and customer data is vital. 🔗 https://lnkd.in/gTSCbCsP

Yes - It was a crappy day for our industry , I don’t think we can pin all the blame on the 2 software vendors involved as in the end the modern customer technology fabric/stack from SMB to ENT is too complex,complicated and unmanageable with ever increasing business demand . The bright side is (I hope) - the impacted businesses will now change and have more board room attention not only for cybersecurity and the threats in the space which requires expensive tooling but also for information security , risk management and DR processes which could have soften or stop the impacts of today .

CEO, CISO, and Board Alert!! If you lack cybersecurity expertise, it's time to refresh the board. ✅ The SEC's materiality provision is significant. It's essential to comprehend both quantitative and qualitative factors. ✅ A competent board oversees cybersecurity risk management and strategy, including reviewing Form 10-K or Form 20-F. This also includes assessing, identifying, and managing material risks associated with cyber governance processes. ✅*********Subscribe here to get all my 🔥 takes on the Board and C-suite effectiveness and more directly in your inbox. 👉🏿 https://lnkd.in/grAy93cJ ****** Christopher Hetner Ravi Hirolikar Indir Avdagić #CEO #CIO #CTO #CISO #KSgems #boardofdirectors #boardroom #boardleadership #cybersecurity https://lnkd.in/eKS4KjSR

The challenge for compliance of financial services firms registered with the SEC is real. The struggle is often the lack of visibility. Where is your sensitive data? What are they doing with it? Who has access to it? These questions can keep you up at night. When data governance is weak, issues arise. And when a cyber event happens, it's worse. You will need to report on it. The SEC is making adjustments to address this. Because when it comes to your client data, you need to know. These challenges can be overcome, when strong data governance is in place. Don't let lack of visibility keep you up at night.

There's no question that a career as a top security leader is rewarding and something to aspire to. But before you consider taking that career path, there are some lessons to be learned from a recent case that shows just how tough a job it can be. You've gotten the education, paid your dues and you're ready to tackle the role of CSO or CISO, to make the big decisions and determine how security will be a key part of your firm and what it does. Before you start down this road, or even if you are continuing down this road, there are some lessons that can be learned from the trial of the Securities and Exchange Commission (SEC) versus SolarWinds and its CISO Timothy Brown. It's an important case and one that demonstrates potential severe repercussions for CISOs and has even caused some to reconsider the role. How would you have handled the situation if you were in charge? The SEC has accused Brown of misleading investors by not disclosing "known risks" and not accurately representing the company’s cybersecurity measures during and before the 2020 Sunburst cyberattack that affected thousands of customers in government agencies and companies globally. “SolarWinds violated reporting and internal controls provisions of the Exchange Act; and Brown aided and abetted the company’s violations,” the SEC said in a press release. https://lnkd.in/ebrSv8gX