The financial services industry continues to be among the top sectors targeted by cyber-crime. In an effort to help its members navigate increasing risk, the Mutual Fund Dealers Association of Canada (MFDA) recently released a bulletin providing guidance on appropriate policies and controls. The MFDA underlines the importance of creating a cybersecurity “framework” in order to protect a firm’s confidential information, its reputation, and its ability to operate, guidance that is in line with the risk-based approach that is seeing global uptake.

The bulletin identifies key areas to keep in mind when developing a framework, including:

  • Ongoing training of staff to raise awareness of cybersecurity issues (of particular importance given that a high percentage of breaches are initiated internally)
  • Establishing regular testing and updating of systems
  • Protection of networks utilizing tools such as encryption, next-generation firewalls, and anti-malware solutions
  • Obtaining cybersecurity insurance coverage
  • Account management and access control using measures such as password protocols and levels of access.