
Attorney Tips

February 2, 2025

Cybersecurity and Artificial Intelligence Tips by Kathryn Konzen

May 2025

Responsible Use of AI Intelligent Agents in the Securities Industry

Artificial Intelligence (AI) Intelligent Agents (algorithmic trading systems, AI/machine learning models, and automated investment tools) are rapidly becoming part of the securities industry’s operations, from trade execution to compliance surveillance and client communication. Without proper governance, however, these tools can introduce regulatory, operational, and reputational risks.
Intelligent Agents should be governed as regulated participants, not merely as digital tools. Firms should approach them as high-trust digital employees, with assigned responsibilities, monitored actions, and enforced accountability.

Action Items & Compliance Risk Mitigation:
• Supervisory Controls: Apply FINRA Rules 3110 (Supervision) and 3120 (Supervisory Control System) to Intelligent Agent activity. Implement logging, alerting, and tamper-evident audit trails of each agent action and decision.
• Digital Personnel Files: Maintain an Intelligent Agent “profile” for each agent documenting its use case, permitted data access, model lineage (vendor, version, training and fine-tuning history), and risk tier.
• Employee-Level Governance: Treat Intelligent Agents like high-sensitivity employees. Monitor behavior, apply least-privilege access controls, and regularly review for misconduct or drift from the documented use case.
• Explainability Standards: Enforce decision transparency, especially in client-facing logic and trading algorithms, so that a supervisor can reconstruct why an agent acted as it did.
• Licensing Awareness: Evaluate whether an Intelligent Agent’s functions require registered representative oversight or trigger licensing obligations.
• Human Oversight: Maintain active, qualified human supervision over Intelligent Agent activities. AI must support, not replace, compliance accountability.
• AI Incident Playbooks: Update cybersecurity response plans to cover agent anomalies, data misuse, and model failure, including how an agent is halted and who is authorized to halt it.
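
The following is an added illustration, not code from the original article or from any firm or vendor, of how the “digital personnel file” and the supervisory controls above can be enforced in software rather than only on paper: each agent has a documented profile (use case, permitted data access, model lineage, risk tier), every requested action is checked against that profile before it runs, high-risk agents cannot act without a named human approver, and every decision (allowed or denied) is written to a hash-chained audit trail whose integrity can be verified later. The agent names, profiles, actions, and dataset names are constructed for the example and are not real firm data.

```python
import hashlib
import json
from dataclasses import dataclass, field
from typing import FrozenSet, List, Optional


# Hypothetical agent "profile", constructed for this example: the fields mirror the
# digital personnel file described above (use case, data access, lineage, risk tier).
@dataclass(frozen=True)
class AgentProfile:
    agent_id: str
    use_case: str
    model_lineage: str                 # e.g. vendor, model version, fine-tune date
    risk_tier: int                     # 1 = low, 2 = moderate, 3 = high (needs human sign-off)
    allowed_actions: FrozenSet[str]    # actions the agent may ever perform
    allowed_datasets: FrozenSet[str]   # data scopes the agent may read


@dataclass
class AuditLog:
    """Append-only, hash-chained audit trail. Each entry's hash covers the previous
    entry's hash, so editing or deleting any earlier record invalidates the chain."""
    entries: List[dict] = field(default_factory=list)

    def append(self, record: dict) -> str:
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        body = json.dumps(record, sort_keys=True)
        digest = hashlib.sha256((prev + body).encode("utf-8")).hexdigest()
        self.entries.append({"prev": prev, "body": body, "hash": digest})
        return digest

    def verify(self) -> bool:
        """Recompute the chain from the genesis value; False if any link is broken."""
        prev = "0" * 64
        for entry in self.entries:
            if entry["prev"] != prev:
                return False
            expected = hashlib.sha256((prev + entry["body"]).encode("utf-8")).hexdigest()
            if expected != entry["hash"]:
                return False
            prev = entry["hash"]
        return True


def authorize(profile: AgentProfile, action: str, dataset: str, log: AuditLog,
              approved_by: Optional[str] = None) -> bool:
    """Pre-action supervisory check. The decision and its reason are always logged,
    whether the action is allowed or denied."""
    if action not in profile.allowed_actions:
        reason, allowed = "action outside documented use case", False
    elif dataset not in profile.allowed_datasets:
        reason, allowed = "dataset outside permitted data access", False
    elif profile.risk_tier >= 3 and approved_by is None:
        reason, allowed = "high-risk tier requires human approval", False
    else:
        reason, allowed = "within profile", True
    log.append({
        "agent_id": profile.agent_id,
        "model_lineage": profile.model_lineage,
        "action": action,
        "dataset": dataset,
        "approved_by": approved_by,
        "allowed": allowed,
        "reason": reason,
    })
    return allowed


# Constructed sample profiles (hypothetical, not real firm data).
SURVEILLANCE_BOT = AgentProfile(
    agent_id="agent-surv-01",
    use_case="trade surveillance alert triage",
    model_lineage="vendor-x/classifier-v3, fine-tuned 2025-01",
    risk_tier=2,
    allowed_actions=frozenset({"read_trades", "flag_alert"}),
    allowed_datasets=frozenset({"order_blotter", "alert_queue"}),
)
EXECUTION_BOT = AgentProfile(
    agent_id="agent-exec-01",
    use_case="order routing",
    model_lineage="in-house/router-v1",
    risk_tier=3,
    allowed_actions=frozenset({"read_trades", "route_order"}),
    allowed_datasets=frozenset({"order_blotter"}),
)

if __name__ == "__main__":
    log = AuditLog()
    print(authorize(SURVEILLANCE_BOT, "flag_alert", "alert_queue", log))      # True
    print(authorize(SURVEILLANCE_BOT, "route_order", "order_blotter", log))  # False: not its job
    print(authorize(EXECUTION_BOT, "route_order", "order_blotter", log))     # False: needs approval
    print(authorize(EXECUTION_BOT, "route_order", "order_blotter", log,
                    approved_by="supervisor-jdoe"))                          # True
    print(log.verify())                                                      # True
```

A plain SHA-256 chain detects edits made after the fact, but anyone who can rewrite the whole log can recompute it; in practice the latest chain hash should be periodically copied somewhere the agent and its operators cannot write (a separate supervisory system or a write-once store) so that the chain can be checked against an external anchor.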

If you are considering or have implemented AI Intelligent Agents, we encourage you to review internal protocols to ensure compliance. For assistance, give us a call at 619.298.2880 or email [email protected].

April 2025

Roadmap for Evolving Cybersecurity Regulations
The financial services sector continues to face mounting regulatory scrutiny and cybersecurity threats. Registered Investment Advisers, Broker-Dealers, and other Investment Advisers must establish a comprehensive cybersecurity roadmap to meet evolving obligations under the regulations that apply to them. Below is a sample five-year plan:

Year 1:
• Implement MFA across all internal systems
• Encrypt all stored client data
• Review and update cyber insurance coverage
• Maintain a current, written Incident Response Plan

Year 2:
• Strengthen endpoint detection and response (EDR) tooling
• Upgrade firewalls to current-generation technology

Year 3:
• Conduct breach simulations (tabletop and live drills) to train staff
• Engage a trusted Managed Detection & Response provider with 24/7 monitoring

Year 4:
• Appoint a dedicated Privacy Officer
• Track compliance in line with jurisdictional regulations

Year 5:
• Provide clients with a secure portal and document vault
• Launch real-time fund dashboards for enhanced transparency

March 2025 

Cybersecurity Obligations: Implementing Regulation S-P

The SEC’s amendments to Regulation S-P significantly heighten cybersecurity obligations for financial firms. By December 3, 2025 (larger entities) or June 3, 2026 (smaller entities), firms must have a written incident response program reasonably designed to detect, respond to, and recover from unauthorized access to or use of customer information.

Key requirements include:

– Incident Response Program – Establish written policies and procedures to assess, contain, and control incidents involving unauthorized access to or use of customer information.
– Customer Notification – Notify affected individuals as soon as practicable, and no later than 30 days after becoming aware that unauthorized access to or use of sensitive customer information has occurred or is reasonably likely to have occurred, unless the firm determines the information has not been and is not reasonably likely to be used in a way that would result in substantial harm or inconvenience.
– Service Provider Oversight – Establish policies and procedures, including contractual requirements, to ensure third-party vendors handling customer data maintain appropriate safeguards and notify the firm as soon as possible, and no later than 72 hours, after becoming aware of a breach of a customer information system they maintain.

Failure to comply could result in enforcement action and reputational harm. Start now by reviewing your cybersecurity policies, vendor agreements, and incident response procedures to ensure compliance. The deadline may seem distant, but early preparation is critical.

For assistance with your cybersecurity compliance or to assess your firm’s readiness and mitigate risks, please call 619.298.2880 or email [email protected].


February 2025

Importance of Implementing a Comprehensive Cyber-Attack Response Plan

Developing and maintaining a comprehensive cyber-attack response plan is essential for mitigating damage, ensuring swift response and recovery, maintaining the integrity of operations, and meeting the compliance requirements of the SEC and other regulatory agencies.

For those in the financial services sector, a comprehensive incident response plan should be created to guide the organization through the steps necessary to identify, contain, and mitigate the effects of a security breach. This plan must include:

– Communication Strategies: A clear approach for notifying affected clients, regulatory bodies, and internal stakeholders. These communications should be timely, transparent, and compliant with regulatory obligations to ensure proper disclosure and mitigate potential reputational harm.

– Regular Testing and Mock Scenarios: To ensure readiness, the plan should be tested through regular drills that simulate real-world cyber-attacks. This prepares staff to act quickly and efficiently under pressure, minimizing the potential impact of the breach.

– Proactive Threat Preparedness: Taking proactive measures to strengthen defenses against cyber threats not only reduces downtime but also ensures that client data remains secure. This enhances confidence among clients and regulators, fostering trust and maintaining the firm’s reputation.

Preparing for cyber incidents ahead of time can significantly reduce the impact of security breaches and ensure a quicker recovery while maintaining compliance and client trust.

 

January 2025

MFA in Cybersecurity Compliance

Multi-factor authentication (MFA) is essential for enhancing security and meeting regulatory compliance in the finance sector. By requiring multiple independent forms of verification (something you know, something you have, or something you are) before granting access, MFA adds a layer of protection that reduces the risk of unauthorized access even when a password has been phished or leaked. It supports compliance with regulations such as SEC Regulation S-P and the Gramm-Leach-Bliley Act, which require financial firms to maintain reasonable safeguards for customer data, and it underpins the remote-access arrangements contemplated by business continuity plans under FINRA Rule 4370.

Key action steps for MFA compliance include:

  • Implement MFA Across All Systems: Enforce MFA for access to sensitive systems and client data, preferring phishing-resistant methods (hardware security keys or passkeys) over SMS or voice codes, which can be intercepted or redirected through SIM swapping.
  • Combine MFA with Strong Passwords: Use complex passwords alongside MFA for added protection.
  • Require MFA for Remote Access: Enforce MFA for remote or third-party access to firm systems.
  • Regularly Review Access Controls: Audit user access to ensure only authorized personnel can access sensitive information.
  • Monitor and Enforce Compliance: Conduct routine checks to ensure adherence to MFA protocols.
  • Educate Employees: Train staff on the importance of MFA and its role in regulatory compliance.
  • Stay Updated on Regulations: Keep up with evolving regulations to maintain effective MFA practices.

For help with your cybersecurity policies and protocols, contact us at 619.298.2880 or email [email protected].

 

About the author

Kathryn Konzen, Esq.

Director of Operations & Counsel

Kathryn Konzen, Esq., is the Director of Operations and Counsel at Jacko Law Group, PC. With over 15 years of experience in the legal profession, Ms. Konzen brings a diverse range of expertise in area...
