IFIC unveils updated cybersecurity guide

IFIC unveils updated cybersecurity guide

The Investment Funds Institute of Canada (IFIC) has updated its Cybersecurity Guide for Canadian firms as an international working group releases new guidance against cyber threats.

The Cybersecurity Program Basics guide, released by the International Investment Funds Association (IIFA), has been released across participating jurisdictions of the IIFA Cybersecurity Working Group.

Following an annual survey by the International Organization of Securities Commissions through its Task Force on Cyber Resilience, which found many asset management firms not employing some basic digital security measures, the IIFA guide outlines key steps to establishing a cybersecurity program. These steps include:

  • Establishing a framework;
  • Conducting security awareness training;
  • Having an incident response plan;
  • Performing table top exercises;
  • Establishing and monitoring normal network activity; and
  • Participating in trusted information sharing

“The release of the IIFA’s cybersecurity guide demonstrates a unified commitment to elevating and enhancing cybersecurity practices on a global scale,” IFIC President and CEO Paul Bourque said in a statement.

In line with IIFA’s new guidance, IFIC has released an update to its own cybersecurity guide. Aside from previous recommendations, the new guide highlights the potential benefit of information sharing, either through a government-sponsored website or through a trusted network of peers.

“Information sharing can help identify potential vulnerabilities and threats early, or even before, your firm is impacted,” the guide said.

Also noted in the IFIC guide was Canada’s new federal cyber certification program. Aimed at small- to medium-size enterprises, the voluntary CyberSecure Canada is based on 13 controls outlined in Baseline Cyber Security Controls for Small and Medium Organizations issued by the Canadian Centre for Cyber Security.

The updated handbook from IFIC includes new links to useful documents and websites. Aside from materials from Canadian regulators and international bodies, it features resources such as tools, questionnaires, and reports from other sources concerned with information security and minimizing cyber incidents.

“Rapidly evolving threats have the potential to harm clients, firms and the industry as a whole,” Bourque said. “We believe that having a robust cybersecurity program should be a top priority for firms.”

Follow WP on Facebook, LinkedIn and Twitter



OTTAWA'S RETIREMENT PLANNING BLOG If you have questions about retirement or financial planning then take a look here. Tons of articles & information on Canadian financial planning topics such as life insurance, investing and more.There are still a lot of misconceptions about money & retirement planning. I just want to help you retire when you want and how you want. As a Registered Retirement Consultant-RRC® and independent adviser, I share my unbiased knowledge to help you have a better understanding of investing, insurance and financial planning.Getting on track for retirement doesn't have to be confusing or complicated. Get the information you need to avoid mistakes and be Ready For Retirement!