Protecting investors means protecting their data, too. Our Small Firm Cybersecurity Checklist supports small firms in establishing a cybersecurity program to:
- Identify and assess cybersecurity threats;
- Protect assets from cyber intrusions;
- Detect when their systems and assets have been compromised;
- Plan for the response when a compromise occurs; and
- Implement a plan to recover lost, stolen or unavailable assets.
This checklist is primarily derived from the National Institute of Standards and Technology (NIST) Cybersecurity Framework and FINRA’s Report on Cybersecurity Practices . Use of this checklist does not create a "safe harbor" with respect to FINRA rules, federal or state securities laws, or other applicable federal or state regulatory requirements.