The biggest threat to your firm’s security may be lurking in your inbox.
Email is a primary means for RIA communication with clients, vendors, other third parties and within a firm. As a result, most data and security breaches happen through email, usually due to some combination of user error and gaps in cybersecurity protection. The potential risks are so great that the SEC has enacted privacy laws concerning the use, storage, transmission and handling of personal information.
Client email accounts are prime targets for identity thieves, who send bogus emails from hacked accounts. Spoofed emails are used to transfer money from investment accounts with success from unsuspecting RIAs.
Source: Financial Planning