The Investment Industry Association of Canada (IIAC) has created a tool to help investment dealers evaluate and address the cybersecurity risks that outside service providers pose.
Specifically, the IIAC has developed a survey for firms to use with their third-party service providers that aims to enable dealers to evaluate the cybersecurity practices at these firms and to uncover potential security weaknesses.
“The questionnaire includes basic, but fundamental, questions that will determine whether best practices are being followed and where further investigation or risk mitigation strategies may be required,” the IIAC notes.
Industry regulators have flagged due diligence by industry vendors as a key component of the industry’s cyber defences, the IIAC notes.
“Canada’s investment industry is highly reliant on technology and firms often require third-party service providers to access their systems and information resources,” the IIAC says. “As such, it is critical that firms understand and assess the cybersecurity risks their business faces when dealing with third-parties.”
Photo copyright: beebright/123RF