Financial advisors may want to view cybersecurity as a critical issue on more than one level.
While protecting client data should be a priority, cyber attacks also could affect the investments they make on behalf of their clients. Basically, some companies may be more prone to costly cyber attacks than others.
“The sectors that I think carry the most amount of risk [include] health care, energy and manufacturing, said Jamil Farshchi, Equifax chief information security officer, at CNBC’s Financial Advisor Summit on Wednesday.
“Historically they haven’t invested as much and prioritized security as much as some of the other industries such as financial services or technology,” Farshchi said.
Part of the way to evaluate a company’s cyber risk is to consider what the real-world threats are against the line of business they’re in, said Charles Carmakal, Mandiant chief technology officer, who also spoke at the summit.
“Not all organizations have a similar threat as others,” Carmakal said. “For instance, there are unique threats to health care that are very different from threats to defense contractors or to government entities.”
He also suggests looking at the “security maturity” of the company.
“A lot of companies that have had a major cybersecurity incident tend to be more secure after the fact than perhaps an organization that hasn’t lived through a major cybersecurity attack,” Carmakal said.
Both Mandiant and Equifax have been victims of cyber attacks.
The good news for investors is that corporate boardrooms appear to be more focused on cybersecurity than they once were, Farshchi said.
“People are taking it more seriously,” he said. “As a result, we’re getting more technology- and security-capable individuals in the boardroom.”