Cybersecurity is key to protecting financial security

July 03, 2024

Three people around a desk using computers

You’ve had many conversations about financial security with business owners, but have you talked about the potentially devastating implications of failing to consider cybersecurity?Cybercrime is rampant. In 2023, the FBI’s Internet Crime Complaint Center (IC3) received 880,418 registered complaints from Americans — a record number, with related losses exceeding $12.5 billion.1

According to IC3, investment fraud was the most costly internet crime of 2023, totaling $4.57 billion in 2023, up 38% from $3.31 billion in 2022.1 Business email compromises were the second costliest, with reported losses amounting to $2.9 billion.1

The message is clear: It’s crucial for individuals and organizations to remain vigilant against cybersecurity threats at all times.

Why individuals and businesses need to stay on guard

The abilities of hackers to compromise the personal financial information of millions of Americans continue to fuel fears among corporations and consumers. Those who are concerned about protecting their finances and personal information from online threats might raise questions and concerns about just how safe their investments are in your cyber-care.

How can financial professionals help address employers’ and clients’ concerns?

Create a formal, well-documented cybersecurity program

First things first: put a comprehensive cybersecurity plan in action. Don’t be vague about your protocols. Develop an exhaustive plan that details methods already in place to protect your network, assets, employees, clients and customers.

Document in writing how you’d mitigate attacks, taking all possible methods of cyberattacks into account, including phishing, ransomware and viruses. Be clear and thorough.

Share your cybersecurity protocols

Similar to quelling market volatility fears, it’s wise to get ahead of potential issues or concerns by having proactive conversations with concerned clients or business contacts about your best practices with regard to cybersecurity protocols. 

While highly technical conversations are generally not warranted, conveying what steps you’re taking for protection is often reassuring.

In addition, a discussion about cybersecurity double-checks could help give your business contacts or clients a heads-up about what they might encounter during transactions with you. Items on the discussion list might include:

  • Multi-step authentications and authorizations
  • Encryption of email attachments
  • Verbal confirmations that could include voice recognition tools, or the use of other forms of biometrics such as fingerprint scanning

Your particular protocols may vary from those listed, but the point remains the same: Leaning into a discussion about the security measures you put in place can go a long way to help alleviate concerns from employers or individual clients.

Cybersecurity best practices

This conversation may also provide you with an opportunity to remind your clients that they can take an active role in keeping their personal and financial information safe.

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) offers timely and practical information about cyberattack prevention for companies and individuals. Consider sharing these suggestions:

Best Practices for Corporate Leaders and CEOs

CEOs and other C-suite executives have a great deal of influence when it comes to implementing company-wide cybersecurity protection:

  • Empower Chief Information Security Officers (CISOs) by including them in discussions and decisions pertaining to risk management and cybersecurity investments2
  • Lower senior management reporting thresholds to include any suspicion of malicious cyber-activity so threats are identified and acted upon quickly2
  • Require senior leadership to participate in cyber incident response plan testing to familiarize themselves with how the organization will manage major cybersecurity incidents2
  • Focus resources on systems that support critical business functions, ensuring business continuity and protection of critical business assets2

Best Practices for Individuals

Individuals can remain cybersafe by taking small steps that can make a big difference:

  • Implement multi-factor authentication to add a layer of protection beyond passwords. Email or text confirmation, authentication app confirmation codes, fingerprint/face ID or Fast Identity Online (FIDO) key makes it much less likely to get hacked3 
  • Turn on automatic software updates for all devices, applications and operating systems to prevent cyber criminals from exploiting system flaws to access your information3
  • Don’t click links from sources you don’t recognize as it can open the door to exposing sensitive information — more than 90% of successful cyberattacks start with phishing3
  • Use a password manager to generate and store unique, strong passwords3

Whether business or personal, protecting information — including financial accounts — from outside interference is a smart strategy for maintaining strong, trusted relationships.

1Federal Bureau of Investigation, Internet Crime Complaint Center. Internet Crime Report 2023. 2024, March
2 Cybersecurity & Infrastructure Security Agency. Shields Up: Guidance for Corporate Leaders and CEOs. Accessed 2024, March 6
3Cybersecurity & Infrastructure Security Agency. Shields Up: Guidance for Families. Accessed 2024, March 6