IIROC has published two resources to help firms protect themselves and their clients against cyber threats and attacks.
The Cybersecurity Best Practices Guide provides an enterprise-wide risk-based framework of industry standards and best practices that IIROC-regulated firms can apply to heighten awareness and manage cyber risks in an evolving environment.
The Cyber Incident Management Planning Guide is a complementary tool for firms to prepare effective response plans for cyber threats and attacks. These resources were produced by a leading security consulting firm, engaged by IIROC, which has worked with other Canadian financial services regulators on cybersecurity matters.
“Active management of cyber risk is critical to the stability of IIROC-regulated firms, the integrity of Canadian capital markets and the protection of investors,” said Andrew Kriegler, IIROC president and CEO. “That is why we consulted with the industry, engaged security experts and developed concrete resources to help firms better manage their cyber risks.”
Previously, IIROC conducted a survey of its membership and received input from industry representatives on the topic of cyber security. IIROC also reviewed approaches used by other domestic and global financial services regulators. In addition, the SRO is developing a cybersecurity program and plans to work with dealers to increase security.
Read:
How to protect against hackers
Financial firms must value client privacy