Blog Article

Introducing the new MyRIACompliance Cybersecurity Platform

May 15, 2019

Our list of the top registered investment adviser (RIA) compliance and regulatory news articles for the week of April 2, 2016.

RIA cybersecurity platformToday, we announced the official release of our new registered investment adviser (“RIA”) cybersecurity platform. As cybersecurity continues to be a top regulatory priority, the new MyRIACompliance cybersecurity platform empowers an RIA firm to efficiently construct, implement, and document a robust cybersecurity compliance program with a single solution. The proprietary platform is designed exclusively for RIA firms of all sizes who face unique people, technology, and third party vendor cybersecurity risks and regulatory requirements. The platform is built upon the National Institute of Standards and Technology (“NIST”) information security framework and provides security awareness training, email phishing attack simulation, technology inventory and risk assessment, as well as the ability to build a customized information security policy


How We Empower Your Employees to be Your Firm’s Greatest Cybersecurity Defense

Security Awareness TrainingRIA cybersecurity security awareness training videos

The platform features proprietary online security training videos for your firm’s Chief Compliance Officer (“CCO”) and all staff members. For the CCO, this training includes updates on the regulatory guidance and risk alerts as well as an overview of the NIST cybersecurity framework. For employees, topics include email phishing, ransomware, and best practices while traveling.

The training module also bundles detailed testing and tracking in order to document and demonstrate the implementation of your firm’s training program. 

Email Phishing Attack SimulationRIA email phishing testing software

In addition to educating your firm’s staff on the how to prevent email phishing cyber attacks, our platform also includes automated phishing email attack simulations. Our platform will automatically send test phishing emails to your firm’s staff to gauge your firm’s current level of awareness and readiness. 

Your firm’s CCO will be able to see real-time results to see which staff members may have opened or clicked on a phishing test email. All of these results are documented and logged to further demonstrate the implementation of your firm’s cybersecurity program.

Vendor Due Diligence

The platform’s automated vendor due diligence tool empowers your firm to do all of the following digitally through the platform:

  1. Perform proper due diligence before selecting a vendor
  2. Perform proper ongoing vendor due diligence reviews
  3. Conduct a regular vendor risk assessment
  4. Review the vendor’s information security documents
  5. Review the vendor’s business continuity plan

RIA third party vendor due diligence automation

Employee and Technology Risk Inventory and Assessment

Before implement an RIA cybersecurity compliance program, your firm first needs to step back and properly inventory all the technology systems used by your firm which may contain sensitive client information and also understand what level of access each staff member has to each system. The platform’s automated workflows help you properly establish and track system access and controls and also ensure that a departed employee’s access to technology systems is promptly terminated. 

Customized Written Information Security Policy Creation and Updates

The platform also includes access to a redesigned written information security policy built upon the five pillars of the NIST cybersecurity framework: identify, protect, detect, respond, and recover. The manual is regularly updated to encompass the latest regulatory guidance and industry best practices. The platform also manages the digital distribution and attestation of the policy to all staff members. 

The cybersecurity platform is available as standalone platform or can be added to a traditional MyRIACompliance subscription. 

One of our company’s longstanding commitments is investing time and resources to make the RIA in a Box service more valuable to the clients we serve. Since launching MyRIACompliance n 2014, we have sought to make our service more efficient and higher quality by combining our human expertise with new tools and features. At RIA in a Box, we release new compliance software features and enhancements on a daily basis. One of our more notable releases in recent months include the regulatory audit prep tool.