Financial services firms are reportedly hit by security incidents 300 times more frequently than other businesses, according to ID Theft Resource Center. To help financial planners protect their data and comply with the cybersecurity requirements established by the Securities and Exchange Commission (SEC) and FINRA, the Financial Planning Association (FPA) today launched Cybersecurity for Financial Planners: An FPA Certificate Program.

The certificate program, which includes six focus areas, was developed in partnership with FCI, a leading financial services cybersecurity authority and participant in FINRA’s Preferred Pricing Program. The program guides financial planners through a step-by-step process to establish a customized, long-term cybersecurity plan that ensures they are adopting reliable security measures that safeguard client data and provide a record of the firm’s cybersecurity practices if audited by regulators.

“A tremendous amount of data and assets are at stake, and financial planning professionals are a prime target for cyber thieves. With billions of dollars lost each year due to cybercrime, it’s imperative financial planners earn client loyalty and trust by embracing a cybersecurity strategy that keeps data and assets safe,” says 2020 FPA President Martin C. Seay, Ph.D., CFP. “Brian Edelman, Vincent Guyaux, and the entire FCI team are leading authorities on these important matters. This partnership and the certificate program specifically will help financial planners build a sound cybersecurity plan that is needed more than ever considering the fast pace at which business is being done digitally.”

As part of the FPA Learning Center, the certificate program is designed to educate financial professionals on critical aspects of cybersecurity, how to implement a cybersecurity program successfully, and how to safeguard sensitive information and confidential data. The program is broken down into six sections:

• Section 1: Introduction to Cybersecurity — Explores the history of cybersecurity and significant changes that have taken place since 2014. Participants also learn why the New York Department of Financial Services (NYDFS) requirements are of central focus when building a cybersecurity program.
• Section 2: What is a Cybersecurity Program? — Provides an overview of a cybersecurity program and outlines the differences between controls, sections, and policies. Participants gain an understanding of policy ownership and the basics of creating a new policy. 
• Section 3: Program Controls — Covers the different policies under Program Controls, types of information that falls under Non-Public Information (NPI), risk management and risk assessment, and the role of the Security Team and its members.
• Section 4: Process Controls — Details the significance of a business continuity plan, the importance of a Security Incident Response Plan (SIRP), the purpose of vendor risk management and potential challenges, and the value of a Change Management Log.
• Section 5: Data Controls — Describes infrastructure management, endpoints and how they’re managed, file and data management, and the importance of user management and password management software.
• Section 6: Technical and Physical Controls — Explains managed endpoint security, the significance of workstations, mobile device and network security, the importance of Incident Response Plans, and physical security.

“FCI was pleased to support this FPA initiative by participating in the course design and development,” says Brian Edelman, CEO of FCI. “Financial advisers can now leverage the certificate to implement and manage their cyber program to reduce their risk.”

The course was designed and is delivered in a format similar to a hands-on workshop, which means those completing the course will receive a digital certificate for accomplishment and have a completed, compliant cybersecurity plan for their firm. CERTIFIED FINANCIAL PLANNER professionals completing the entire program will earn 2.5 CFP CE credits.

Financial planners interested in learning more about the Cybersecurity for Financial Planners certificate program can visit www.financialplanningassociation.org/cyber. Journalists interested in learning more about the program can contact Ryanne Harrah at RHarrah@OneFPA.org.