Investment dealers will be receiving report cards from their regulator this month, grading their cybersecurity efforts.
The Investment Industry Regulatory Organization of Canada (IIROC) announced Monday it will provide firms with “individual assessments of their cybersecurity preparedness.”
The report cards aim to alert dealers’ to possible weaknesses in their cybersecurity programs, and benchmark firms’ practices against both the industry overall and their peers.
The assessments will be based on the results of a survey carried out with dealers earlier this year, which IIROC says provides it insight into each firm’s governance structure, policies and systems for cybersecurity risk management.
The results are being measured against a cybersecurity framework developed by the National Institute of Standards and Technology that focuses on governance, prevention, threat detection, and resilience.
“As the frequency and sophistication of cyber attacks increase, it is crucial that IIROC-regulated firms treat cybersecurity risk management as a high priority,” says Wendy Rudd, senior vice-president, member regulation and strategic initiatives, at IIROC, in a news release. “IIROC will continue to work with firms to ensure they have appropriate cybersecurity infrastructure and measures in place.”
Looking ahead, IIROC will be working with firms on how to improve their cybersecurity efforts.
Photo copyright: rabbit75123/123RF