The Six Elements of an Effective Cybersecurity Plan (IIAC Blog)

November 24, 2015 by
Ian Russell photo - February 2014
Ian Russell


On November 9, 2015, I had the pleasure of speaking at the Knowledge Bureau’s Distinguished Advisor Conference. The audience included both IIROC- and MFDA-registered advisors.

The topic of my presentation was Cybersecurity in the Financial Industry. I described the sophistication and global dimensions of the cyber threat and the serious consequences of such an attack to firms and clients. The presentation also gave me an opportunity to explain the IIAC’s role in raising awareness and assisting dealer Member firms to put in place defenses to counter the cyber threat.

In the November issue of the IIAC Letter from the President, I stated that the top two priorities for investment dealers is to understand the full dimensions of the global threat of a cyber attack and to have a detailed plan to address the threat. I set out the six elements of an effective cybersecurity plan:

  1. Governance and risk management
  2. Risk assessment
  3. Technical / Process controls
  4. Incidence Response Plan
  5. Information sharing
  6. Cyber insurance

It is critical that all financial services firms, including IIAC Member firms, develop a comprehensive cybersecurity plan that protects the assets and information of clients, as well as the organization’s reputation.

The IIAC provides leadership for Canada’s investment industry. The Association provides a forum for firms to discuss problems and solutions to the cyber threat, to develop industry strategy and specific initiatives to identify and respond to security incidents, as well as the tools and templates to assist firms.

As a trade association representing 144 Canadian investment dealer firms, the IIAC has the capability and responsibility to bring together regulators and governments to work towards appropriate regulation and defense of the evolving global cyber threat.

I encourage you to read my Letter from the President by clicking here.

Reset Forgotten Password

NOTE: Your username is your email address UNLESS you have changed it.