Cybersecurity Ransomware Alert: SEC OCIE
By Michael Fiorito, MDS
In response to the WannaCry attack that occurred on May 12, 2017, broker dealers and investment firms are encouraged to review best practices outlined by The U.S Department of Homeland Security and also evaluate patching for Windows XP, Windows 8, and Windows Server operating systems.
SEC: Securities and Exchange Commission
OCIE: Office of Compliance Inspections and Examinations
Complete to download the full Ransomware Alert Article as posted by the SEC
Additionally, the OCIE’s National Examination Program staff reviewed 75 broker-dealers and determined that, at minimum, organizations can mitigate risk by maintaining the following practices:
• Cyber-risk Assessment: Performing periodic risk assessment of critical systems
• Penetration Tests: Conducting periodic penetration tests on critical systems
• System Maintenance: Ensuring regular maintenance for the installation of software patches to address security vulnerabilities
In addition to assisting your organization with meeting SEC OCIE regulations, MDS can develop a comprehensive cybersecurity program that meets your business requirements.
Building out and maintaining your IT ecosystem doesn’t have to be a do-it-yourself project. MDS can help identify network issues, configure devices, and optimize your infrastructure to maximize efficiency and performance. Our consultants are highly trained technology specialists that understand the complexities of multi-vendor environments and have the knowledge and skills to help your business become more agile, customer-focused and operationally efficient.