FA Magazine March 2025 | Page 29


After The Breach, What To Do

Here are further steps you can take to protect your firm and its reputation after a cyberattack.
Mark Hurley and Brian Hamburger
Editor’s Note: This is the second in a two-part story on what to do if your firm has been the victim of a cyber-intrusion.

Whenever a wealth manager is the victim of a cyberattack (which happens almost daily), the firm needs to take several actions to protect itself (and its future). After first determining how the attack occurred and taking the necessary steps to prevent a recurrence, the firm must then carefully consult with its legal counsel; prepare a plan to communicate with stakeholders; and conduct a full review of its cybersecurity policies, procedures and technology. Then it must identify areas of remediation and implement the changes.

Firms dealing with this problem face an obstacle course of many dimensions and players — it involves relationships with clients, custodians and regulators. And the firm’s ability to navigate these challenges will heavily depend on the actions it took long before its systems were compromised.

Advisory firms like yours have very special client relationships. Clients effectively place their family’s futures in your hands, but only because they are confident that your firm is fully committed to safeguarding their assets.

However, a breach eviscerates your credibility. Indeed, a recent study by security platform Vercara found that two-thirds of consumers would not trust any company that loses even just their personal information. So imagine how difficult it would be for any client to trust someone who lost client assets.

This is a potential minefield for your firm; if you are breached, you’ll need a carefully crafted plan to quickly inform every client about what happened and why. You don’t want them to find out on their own from the media or other clients, especially if it was their money that was involved.

Your clients also need to understand what steps your firm is taking to make them whole — if the breach was in fact the result of something your firm did or failed to do — as well as prevent such an event from happening again.

They also will be much less shocked and frightened if you’ve already educated them about cyber risks and the steps you’ve taken to mitigate any potential damage. (The Securities and Exchange Commission has proposed new rules that would require RIAs to do precisely this — “in plain English.”)

That said, most breaches of wealth managers to date have been from attacks initiated through clients, rather than direct attacks on their systems. And few clients are aware that if the assets in their custodial or bank accounts are stolen — and if they are even indirectly at fault themselves — they may not be able to seek recovery. Even fewer understand that it’s their own poor personal cybersecurity habits that create the greatest risk of this happening.
Those wealth managers who have clearly explained these