Skip to main content
MENU
Subscribe
  • Subscribe
  • Account
  • LOGIN
  • Topics
    • Alternatives
    • Consultants
    • Coronavirus
    • Courts
    • Defined Contribution
    • ESG
    • ETFs
    • Hedge Funds
    • Industry Voices
    • Investing
    • Money Management
    • Opinion
    • Partner Content
    • Pension Funds
    • Private Equity
    • Real Estate
    • Russia-Ukraine War
    • SECURE Act 2.0
    • Special Reports
    • White Papers
  • Rankings & Awards
    • 1,000 Largest Retirement Plans
    • Top-Performing Managers
    • Largest Money Managers
    • DC Money Managers
    • DC Record Keepers
    • Largest Hedge Fund Managers
    • World's Largest Retirement Funds
    • Best Places to Work in Money Management
    • Excellence & Innovation Awards
    • WPS Innovation Awards
    • Eddy Awards
  • ETFs
    • Latest ETF News
    • Fund Screener
    • Education Center
    • Equities
    • Fixed Income
    • Commodities
    • Actively Managed
    • Alternatives
    • ESG Rated
  • ESG
    • Latest ESG News
    • The Institutional Investor’s Guide to ESG Investing
    • ESG Sustainability - Gaining Momentum
    • Climate Change: The Inescapable Opportunity
    • Impact Investing
    • 2022 ESG Investing Conference
    • ESG Rated ETFs
  • Defined Contribution
    • Latest DC News
    • DC Money Manager Rankings
    • DC Record Keeper Rankings
    • Innovations in DC
    • Trends in DC: Focus on Retirement Income
    • 2022 Defined Contribution East Conference
    • 2022 DC Investment Lineup Conference
  • Searches & Hires
    • Latest Searches & Hires News
    • Searches & Hires Database
    • RFPs
  • Performance Data
    • P&I Research Center
    • Earnings Tracker
    • Endowment Returns Tracker
    • Corporate Pension Contribution Tracker
    • Pension Fund Returns Tracker
    • Pension Risk Transfer Database
    • Future of Investments Research Series
    • Charts & Infographics
    • Polls
  • Careers
  • Events
    • View All Conferences
    • View All Webinars
    • 2022 Retirement Income Conference
    • 2022 Managing Pension Risk & Liabilities
    • 2022 WorldPensionSummit
Breadcrumb
  1. Home
  2. REGULATION AND LEGISLATION
January 07, 2019 12:00 AM

Investors, SEC want details on cybersecurity protections

Danielle Walker
  • Tweet
  • Share
  • Share
  • Email
  • More
    Reprints Print

    Institutional investors' due diligence of money managers, in particular, has evolved to include more specific questions about firms' cybersecurity practices and controls, said Andrew Borowiec, executive director of the Investment Management Due Diligence Association, New York.

    The Securities and Exchange Commission also is making cybersecurity one of its examination priorities for 2019, the agency announced in late December.

    Asset owners want to know specifics, such as who has access to sensitive data and the controls in place for security at managers, Mr. Borowiec said in a December phone interview.

    "One of the things we're seeing is institutional investors are asking money managers more about how they are training their people because you can have the best technology in the world, but if someone clicks on the wrong link, it's tough to guard against that."

    The SEC's exams will specifically focus on information security governance generally, among other areas. And its office of compliance inspections and examinations will continue to focus on the cybersecurity practices, governance and risk assessments, access rights and controls, data loss prevention, training and incident response efforts of investment advisers, which include asset managers, the agency said in a report on its 2019 exam priorities.

    In September, Voya Financial Advisors Inc., Des Moines, agreed to pay $1 million to settle SEC claims related to its failures in cybersecurity policies and procedures. Intruders allegedly "impersonated VFA contractors over a six-day period in 2016 by calling VFA's support line and requesting that the contractors' passwords be reset," the SEC said in an announcement at the time.

    The intruders allegedly used the new passwords to gain access to the personal information of 5,600 VFA customers. With access to customers' information, scammers then used the data to create new online customer profiles, and, in turn, gained unauthorized access to account documents for three customers, the SEC announcement stated.

    Voya did not admit to or deny the SEC's findings.

    Business email compromise and social engineering attacks "continue to be one of the leading methods used to target the asset and wealth management industry," Ertem Osmanoglu, a New York-based principal in the cybersecurity and privacy practice at PricewaterhouseCoopers, said in an email.

    Social engineering attacks entail manipulating targets in order to leverage human error or human interactions for access, such as what occurred in the alleged VFA incident.

    Citing PwC's 2018 Digital Trust Insights survey, Mr. Osmanoglu added that "among investment management respondents, concerns about phishing and social engineering increased 40% and concerns about cybercriminals increased 52% during the last year."

    "The human element and the high-touch and high-trust nature of these businesses create process gaps. Many of these attacks can be prevented by training personnel and establishing layers of defense through well-coordinated authentication, verification and monitoring processes.

    "Companies should perform an end-to-end review of their critical business processes to make sure these layers of controls embedded in and employees are trained to detect the deviations in processes," Mr. Osmanoglu wrote.

    Related Articles
    Investors pushing harder for cybersecurity solution
    SEC exams to focus on cybersecurity, retirement savers
    Cybersecurity put under investor microscope
    Cybersecurity put under investor microscope
    Cybersecurity must be top priority for all institutions
    'Stick to the plan' best advice when market volatility strikes
    Cybersecurity 'patchwork' leaving industry vulnerable
    Recommended for You
    Standards-of-conduct rules approved along party lines
    Standards-of-conduct rules approved along party lines
    Investors hail SEC guidelines on exchanges
    Investors hail SEC guidelines on exchanges
    U.K. regulator watching manager over Woodford fund freeze
    U.K. regulator watching manager over Woodford fund freeze
    A Good Time for Trend Following
    Sponsored Content: A Good Time for Trend Following

    Reader Poll

    June 6, 2022
    SEE MORE POLLS >
    Sponsored
    White Papers
    Nearing the finish line: Ideas on end-state investing for corporate DB plans
    The Meaning of "Portfolio Intelligence"
    Credit Indices: Closing the Fixed Income Evolutionary Gap
    Forever in Style: Benchmarking with the Morningstar® Broad Style Indexes℠
    Crossroads: Politics, Inflation, & Bonds
    Is there a mid-cap gap in your DC plan?
    View More
    Sponsored Content
    Partner Content
    The Industrialization of ESG Investment
    For institutional investors, ETFs can make meeting liquidity needs easier
    Gold: the most effective commodity investment
    2021 Investment Outlook | Investing Beyond the Pandemic: A Reset for Portfolios
    Ten ways retirement plan professionals add value to plan sponsors
    Gold: an efficient hedge
    View More
    E-MAIL NEWSLETTERS

    Sign up and get the best of News delivered straight to your email inbox, free of charge. Choose your news – we will deliver.

    Subscribe Today
    June 20, 2022 page one

    Get access to the news, research and analysis of events affecting the retirement and institutional money management businesses from a worldwide network of reporters and editors.

    Subscribe
    Connect With Us
    • RSS
    • Twitter
    • Facebook
    • LinkedIn

    Our Mission

    To consistently deliver news, research and analysis to the executives who manage the flow of funds in the institutional investment market.

    About Us

    Main Office
    685 Third Avenue
    Tenth Floor
    New York, NY 10017-4036

    Chicago Office
    130 E. Randolph St.
    Suite 3200
    Chicago, IL 60601

    Contact Us

    Careers at Crain

    About Pensions & Investments

     

    Advertising
    • Media Kit
    • P&I Content Solutions
    • P&I Careers | Post a Job
    • Reprints & Permissions
    Resources
    • Subscribe
    • Newsletters
    • FAQ
    • P&I Research Center
    • Site map
    • Staff Directory
    Legal
    • Privacy Policy
    • Terms and Conditions
    • Privacy Request
    Pensions & Investments
    Copyright © 1996-2022. Crain Communications, Inc. All Rights Reserved.
    • Topics
      • Alternatives
      • Consultants
      • Coronavirus
      • Courts
      • Defined Contribution
      • ESG
      • ETFs
      • Hedge Funds
      • Industry Voices
      • Investing
      • Money Management
      • Opinion
      • Partner Content
      • Pension Funds
      • Private Equity
      • Real Estate
      • Russia-Ukraine War
      • SECURE Act 2.0
      • Special Reports
      • White Papers
    • Rankings & Awards
      • 1,000 Largest Retirement Plans
      • Top-Performing Managers
      • Largest Money Managers
      • DC Money Managers
      • DC Record Keepers
      • Largest Hedge Fund Managers
      • World's Largest Retirement Funds
      • Best Places to Work in Money Management
      • Excellence & Innovation Awards
      • WPS Innovation Awards
      • Eddy Awards
    • ETFs
      • Latest ETF News
      • Fund Screener
      • Education Center
      • Equities
      • Fixed Income
      • Commodities
      • Actively Managed
      • Alternatives
      • ESG Rated
    • ESG
      • Latest ESG News
      • The Institutional Investor’s Guide to ESG Investing
      • ESG Sustainability - Gaining Momentum
      • Climate Change: The Inescapable Opportunity
      • Impact Investing
      • 2022 ESG Investing Conference
      • ESG Rated ETFs
    • Defined Contribution
      • Latest DC News
      • DC Money Manager Rankings
      • DC Record Keeper Rankings
      • Innovations in DC
      • Trends in DC: Focus on Retirement Income
      • 2022 Defined Contribution East Conference
      • 2022 DC Investment Lineup Conference
    • Searches & Hires
      • Latest Searches & Hires News
      • Searches & Hires Database
      • RFPs
    • Performance Data
      • P&I Research Center
      • Earnings Tracker
      • Endowment Returns Tracker
      • Corporate Pension Contribution Tracker
      • Pension Fund Returns Tracker
      • Pension Risk Transfer Database
      • Future of Investments Research Series
      • Charts & Infographics
      • Polls
    • Careers
    • Events
      • View All Conferences
      • View All Webinars
      • 2022 Retirement Income Conference
      • 2022 Managing Pension Risk & Liabilities
      • 2022 WorldPensionSummit