Reporting on a recent data breach at a financial firm, Investment News turned to Harley Lippman, Founder and CEO at Genesis10, for his cybersecurity insight.
The firm, LPL Financial, is taking steps to safeguard financial advisers and their clients whose names, addresses, account numbers and Social Security numbers were exposed in a recent data breach. The broker-dealer is investigating the matter and providing affected investors with free credit monitoring and identity protection services.
Capital Forensics Inc., a company that provides data analytics to aid firms in litigation, regulatory, compliance and fraud matters, discovered on November 1 that an unauthorized person gained access to a third-party file-sharing system it uses. The person was able to access data files belonging to several of Capital Forensics' clients, including LPL.
In the article, Lippman said that without knowing more specifics about the breach, it's tough to determine whether LPL, Capital Forensics or both companies are vulnerable to enforcement actions, and that he believes firms like LPL need to do more rigorous penetration testing to identify where data can be accessed on their third-party systems.
"A cybersecurity company should try to break into the system, try every which way to hack into it and see where the weaknesses are," Lippman said. "That's basic, but not every cybersecurity company does that."
Genesis10, with its strategic partner, HolistiCyber, provides clients with the complete range of security assessment services, technical tools, and talent acquisition services.
InvestmentNews is the leading source for news, analysis and information essential to the financial advisory community.
Read the article, LPL providing credit monitoring, identity protection to investors exposed by data breach, at InvestmentNews.