Current data security issues for financial services firms
Abstract
Purpose
To provide a roadmap for financial services firms in designing some key policies and procedures relating to their cybersecurity programs, including document retention policies, creating incident response plans, and starting or evaluating a bounty program.
Design/methodology/approach
This article is divided into three parts: how to design a document retention policy, how to draft an effective incident response plan, data privacy considerations for starting or evaluating a bounty program. The information is presented in narrative form as well as through a series of practical checklists, questions for consideration and tables to represent data collected from other sources or analyzed by the authors.
Findings
This article identifies best practices for data security with respect to document retention policies, incident response plans and bounty programs.
Originality/value
This article includes practical guidance regarding document retention policies, incident response plans and bounty programs from lawyers with experience in data privacy and security, investment management and fund formation. This information is of value to financial services firms, which face potential financial implications and increasing regulatory ramifications, including enforcement actions, fines and penalties, for the failure to adopt tailored cybersecurity programs.
Keywords
Citation
Sipes, E.K., James, J. and Zetoony, D. (2016), "Current data security issues for financial services firms", Journal of Investment Compliance, Vol. 17 No. 3, pp. 55-59. https://doi.org/10.1108/JOIC-07-2016-0034
Publisher
:Emerald Group Publishing Limited
Copyright © 2016, Bryan Cave LLP, All Rights Reserved.