banking & financial services
In 2020, The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) observed an increase in the number of cyber-attacks against SEC-registered investment advisers and brokers / dealers using credential stuffing, a method of cyber-attack to client accounts that uses compromised client login credentials, resulting in the possible loss of customer assets and unauthorized disclosure of sensitive personal information. The failure to proactively mitigate the risks of credential stuffing proactively significantly increases various risks for firms, including but not limited to financial, regulatory, legal, and reputational risks, as well as, importantly, risks to investors. Financial Services firms must maintain vigilance in the areas of IT governance and strategy; infrastructure; information security; business continuity and disaster recovery; and data analysis and management. Firebird Tech Partners has extensive experience in managing these key areas to ensure proper planning, design, and oversight to ensure operational risk management is a cornerstone to our client’s financial platforms.