Cybersecurity solutions highlighted by MFDA

27 juin 2016

Ce billet est disponible en anglais seulement.

The Mutual Fund Dealers Association of Canada (MFDA) recently published guidance (the Bulletin) on contending with cybersecurity threats.  The Bulletin suggests a comprehensive suite of cybersecurity considerations that are widely used but that may nonetheless be particularly relevant to MFDA members.

The Bulletin encourages MFDA members to create a “cybersecurity framework” which considers the unique operations and potential vulnerabilities of the MFDA member in implementing additional controls and risk management techniques.  According to the Bulletin, maintaining the confidentiality of important information; ensuring that information remains complete, intact and uncorrupted; and maintaining the availability of a firm’s systems, services and information are the three fundamental goals of a successful cybersecurity framework.

The Bulletin includes some practical suggestions for minimizing the threat of a cybersecurity breach.  Those suggestions range from governance-related matters, physical and virtual security, training and preparedness.  For example, the Bulletin suggests involving the board of directors of a firm in cybersecurity risk management and obtaining cybersecurity insurance coverage.  Policies and procedures regarding cybersecurity prevention and incident response, including notice to the Privacy Commissioner of Canada, should be prepared and mandatory ongoing training for all staff of a firm should be provided. 

The Bulletin concludes by suggesting additional resources for further reading.  These include: IIROC’s Cybersecurity Best Practices Guide; IIROC’s Cyber Incident Management Planning Guide; FINRA’s Report on Cybersecurity Practices; CSA Staff Notice 11-326 Cyber Security; and BIS’ and IOSCO’s Guidance on Cyber Resilience for Financial Market Infrastructures

MISE EN GARDE : Cette publication a pour but de donner des renseignements généraux sur des questions et des nouveautés d’ordre juridique à la date indiquée. Les renseignements en cause ne sont pas des avis juridiques et ne doivent pas être traités ni invoqués comme tels. Veuillez lire notre mise en garde dans son intégralité au www.stikeman.com/avis-juridique.

Restez au fait grâce à Notre savoir