Given the current geopolitical climate, we’re hearing a lot about the risk of cyberattacks on infrastructure industries such as banks. Several of our clients have asked us questions about this issue, so we want to provide some reassurance and guidance.
The Risk Is Real
The threat of cyberattacks to financial and other critical businesses has been serious for many years, but this threat has escalated in the two months since Russia began its brutal attack on Ukraine. In response to that attack, the United States government and its allies have imposed unprecedented economic and other sanctions on Russia. In the wake of these sanctions, Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency confirms intelligence indicating that the Russian government is exploring options for increased attacks. So the risk is real.
What Banks Are Doing
While the risk certainly exists, it’s also true that financial institutions are taking these threats very seriously and increasing steps to strengthen their cyber defenses. This includes Chicory Wealth, as well as Fidelity, the custodian of most of Chicory Wealth clients’ assets. We reached out to our representatives at Fidelity to confirm exactly what defense strategies they have in place and were not surprised to hear that their process is constant and vigorous. Fidelity runs a 24/7 cybersecurity operation in multiple countries, which continually monitors and analyzes new information and data. They then test their own operations against the data collected. They respond to the constantly evolving information by inserting new layers of protection and developing new strategies for recovery, in the event it should be needed. In other words, they focus on prevention, detection, and recovery. We recommend you read this short article, which describes Fidelity’s defense against cyberattacks. In addition, this brochure outlines Fidelity’s safeguards for protecting clients’ assets. If you use a different financial institution, it’s likely it has also stepped up safeguards, but we recommend you ask to confirm.
What You Can Do
It is reassuring to know that institutions like Chicory Wealth and Fidelity are making cybersecurity a number one priority, but individuals must play a part too. We have mentioned this before, but it bears repeating: The best defense against cybercrime is knowledge of criminal strategies and a commitment to diligent “cyberhygiene,” even if it’s inconvenient or takes a few extra steps. Here are some key steps people can take to increase their “cyberhygiene”:
- Make sure your passwords are strong and unique to each site you use – not just your financial sites, but also your email and social media accounts. Using a password manager is highly recommended.
- Set up multi-factor authentication on all your log-ins to your financial and other sensitive sites.
- Make sure the software on your computer, phone, and all devices is always up-to-date.
- To avoid “phishing” attempts, carefully review any messages you receive, double-check the sender’s email address, look for misspelled or poorly written copy, and don’t automatically click on links or attachments.
- Check to make sure your contact information at your institutions is correct so they can reach you when needed.
Fidelity has a Make Yourself a Difficult Target for Cyber Criminals brochure with more details for protecting yourself. And of course, if you have any questions about security, we’re always here to answer.