RIA Cybersecurity Solution

• Document security protocols

• Train employees on cybersecurity best practices

• Automate cybersecurity compliance on user devices, networks and applications

• Comprehensive audit trail & logs of completed training modules and results

• Assess risk from third-party vendors 

• On-demand interactive security awareness eLearning

• Realistic employee phishing simulations

• Create a customized information security policy

• Couple MyRIACompliance® with the Cybersecurity solution to streamline activities and log tasks for you in the compliance log

Does the system help address cybersecurity regulatory guidance and focus areas?

Yes, the solution is designed to help RIA firms follow information security guidance issued by the Securities and Exchange Commission's ("SEC") Office of Compliance Inspections and Examinations ("OCIE"). Beginning in 2015, OCIE has specifically listed cybersecurity as an annual examination priority for RIAs. In more recent exam priority guidance, the OCIE staff has noted six specific focus areas: governance and risk assessment, access rights and controls, data loss prevention, vendor management, training, and incident response. The MyRIACompliance® cybersecurity platform helps to address each of these focus areas by empowering an RIA firm to efficiently construct, implement, and document a robust cybersecurity compliance program.

It is critical for RIA firms to prioritize cybersecurity, not only to fulfill their fiduciary duty to protect client information, but also to remain compliant and to prevent business disruption. 

The solution is built upon the National Institute of Standards and Technology ("NIST") information security framework and provides security awareness training, email phishing attack simulation, technology inventory and risk assessment, as well as the ability to build a customized information security policy.

Does the system follow the NIST cybersecurity framework?

Yes, the MyRIACompliance^® cybersecurity solution builds upon the NIST cybersecurity framework to help your firm implement a robust cybersecurity compliance program. NIST is the acronym for the National Institute of Standards and Technology, a government agency within the U.S. Department of Commerce that fosters cybersecurity research, education, and collaboration. As part of that effort, NIST has developed a cybersecurity framework to help organizations of all sizes to identify, assess, and manage cybersecurity risks. Notably, the Securities and Exchange Commission not only utilizes the NIST framework to help manage its own cybersecurity program, but has also commonly referenced the approach when issuing information security guidance to investment advisers.

The proprietary solution is designed exclusively for RIA firms of all sizes who face unique people, technology, and third party vendor cybersecurity risks and regulatory requirements

The MyRIACompliance Cybersecurity solution was created for both state and SEC registered RIA firms. The solution can be customized to your firm’s unique needs through connection sourcing and by pairing it with our MyRIACompliance® platform.

MyRIACompliance users will benefit from the integration capabilities, which streamline action items including confirming employees and technology vendors, security awareness training,  and maintaining the compliance log.

Users who choose the cybersecurity solution as a standalone solution can efficiently complete their supervisory duties.

• Proactive cybersecurity risk mitigation and reporting per NIST guidelines

• Custom Cybersecurity P&P Manual 

• In-house developers continuously innovating to keep up with the ever-changing world of technology and compliance requirements

• Simple interface, user-friendly 

• Mitigate cybersecurity risk with supervisory capabilities

• Receive expert guidance from Compliance Consultants for complex issues when utilizing our Enhanced Service 

• Collaborate with client advocates to customize the tool to match your firm’s needs