Cybersecurity Checklist

Protecting investors means protecting their data, too. Our Small Firm Cybersecurity Checklist supports small firms in establishing a cybersecurity program to:

Identify and assess cybersecurity threats;
Protect assets from cyber intrusions;
Detect when their systems and assets have been compromised;
Plan for the response when a compromise occurs; and
Implement a plan to recover lost, stolen or unavailable assets.

This checklist is primarily derived from the National Institute of Standards and Technology (NIST) Cybersecurity Framework and FINRA’s Report on Cybersecurity Practices . Use of this checklist does not create a "safe harbor" with respect to FINRA rules, federal or state securities laws, or other applicable federal or state regulatory requirements.

Download the Cybersecurity Checklist