You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

SEC Risk Alert - Ransomware Targets Investment Companies

In response to elevated Ransomware attacks, the SEC issued a cybersecurity warning to brokers and investment companies.

You know it's bad when your regulator issues a warning.

In this case, it's the Securities and Exchange Commission (SEC - not the football conference). The SEC oversees your stock broker, as well as investment companies.

The Office of Compliance Inspections and Examinations has also observed an apparent increase in sophistication of ransomware attacks on SEC registrants.

Cybercriminals are no dummies - they've even formed a cartel to enhance their attacks! They attack investment companies because that's where the money is. Hacker groups know they can extract more ransom from companies that have a reputation to uphold, regulators to appease or sensitive data protect.

In addition, OCIE has observed ransomware attacks impacting service providers to registrants.

To broaden the net, the attacks have spread to the vendors and partners of investment companies. Cybercriminal gangs know they can target smaller companies to hit their larger clients.

So what does the SEC instruct companies to do next?

  • Implement an incident response plan
  • Audit operational resiliency
  • Adopt security awareness training
  • Manage privileged access
  • Enhance network security

Are you ready to take action?
We make it easy to protect your team from attacks just like this one. Find out how to protect your team with INFIMA's Automated Security Awareness platform.

To get a quote, set up a call with our (non-pushy) team here!

For more, see the SEC Risk Alert here.

Joel Cahill

Cybersecurity enthusiast. Entrepreneur.