2019 New Year's IT Resolutions for Investment Management Firms
With the new year now upon us, what better time to create your 2019 resolutions for your firm's IT strategy! As we know, the threat landscape is constantly evolving, cloud computing has gained momentum and is now widely accepted in the investment management industry, and new technologies and trends are emerging to support firms with their IT and operational needs.
Continue reading for Eze Castle Integration's recommendations for IT resolutions for 2019:
1.) Create a Cybersecurity Incident Response Plan
As the experts in the industry say, it's not if, but when, a cybersecurity incident will occur. According to a recent report by TechCrunch, cyber attacks are set to spike again in 2019, meaning firms need to continue to stay on top of cybersecurity best practices, utilizing layers of security to protect sensitive data, of course, have a Cybersecurity Incident Response Plan. This includes creating an Incident Response Team consisting of members throughout different departments in the organization, and mapping out the steps to take before, during and after a security incident.
Building on this, developing a Written Information Security Plan, or a WISP, is critical to securing your information, but also required if your firm is registered with the SEC. Having documentation of your firm's plan and systems in place to protect personal information and sensitive company information can help mitigate threats and risk against and protect the integrity, confidentiality, and availability of your firm's data.
3.) Create a comprehensive employee security training program
If you don't have an employee training program, it is critical that you create one in 2019. If you already have an existing employee training program, you must periodically audit this program, ensuring it is both effective and current. Having a managed phishing and training program is an effective way to train employees on how to spot and report phishing and social engineering attempts. These simulated phishing attacks against your employees provide real-time and interactive training.
4.) Ensure your firm's data is backed up
If your firm doesn't have a Disaster Recovery program, make it a priority in 2019. Having a DR solution assures that operations can resume quickly in the event of an outage or disaster, which puts investors and the C-Suite alike at ease. Or, if your firm has a DR program, but doesn't regularly test it, your resolution should be testing your firm's DR efforts to verify that your Disaster Recovery program is effective and timely.
5.) Audit your IT tools and processes
You should be periodically testing, auditing and maintaining all IT tools, technologies and processes. Staying up to date with best practices isn't enough to ensure the efficacy and security of your tools and processes, investment management firms must be implementing these best practices, and testing and auditing existing programs periodically throughout the year to ensure systems are secure and functioning as intended.
With all this in mind, if you find that this is right time to outsource any or all of your IT functions, you can contact Eze Castle Integration for a consult on how we can support your investment management firm.