NASAA Releases a Study on How Mid-Sized Advisers Have Addressed Cybersecurity Risks

September 10, 2014

The North American Securities Administrators Association (NASAA) released results of a survey conducted in July 2014 addressing the cybersecurity practices of state-registered investment advisers. Such advisers account for more than half of the registered investment advisers conducting business in the U.S. The survey covered 440 registered investment advisers with assets under management of less than $100 million. Investment advisers from nine states participated in the survey.

The survey found 4.1% percent of responding firms indicating they had experienced a cybersecurity incident and even fewer, 1.1% percent, indicating they had experienced theft, loss, unauthorized exposure, or unauthorized use of or access to confidential information. The survey also found that 62% of firms have undergone a cybersecurity risk assessment and 77% have policies and procedures related to technology or cybersecurity. 85% of state-registered advisers use computers, tablets, smartphones and other electronic devices capable of accessing client data. 92% of the advisers used e-mail to communicate with clients.

Click here to access the survey.


Investment Advisers