Social engineering schemes include vishing and smishing; these schemes are becoming more common among employees who use personal devices for work. Fortunately, there are steps your organization can take to remain aware and vigilant about evolving social engineering attack risks.
In recent years, the SEC has heightened its emphasis on cybersecurity requirements for firms. Routine examinations now often involve in-depth requests for information on firms’ cyber and data security practices, which are areas of evolving risk for all market participants.
If a vendor has weak security measures, your firm or client information could be at risk if bad actors successfully compromise this third party’s system. Proactively reviewing and vetting vendors’ cybersecurity policies and procedures is an effective way to block potential data theft.