Video
Focus on Funds: ICI Brings New Cybersecurity Offerings to the Fund Industry
Focus on Funds
ICI Brings New Cybersecurity Offerings to the Fund Industry
In the United States and around the world, ICI continues to expand cybersecurity resources available to members, as well as provide opportunities to exchange information. In the October 20, 2017, edition of Focus on Funds, Peter Salmon, ICI senior director for operations and technology, offers an update.
Transcript
Stephanie Ortbals-Tibbs, media relations director, ICI: Cybersecurity is one of the industry’s top priorities, and ICI is always at work on new programming and information for its members in this area, as I learned from talking to ICI Senior Operations Director Peter Salmon.
Peter Salmon, senior director of operations and technology, ICI: I’d say the primary initiative is the cybersecurity survey. This is the third year that we’ve administered this survey, and while there are many cybersecurity surveys that are out and about, this one goes just to our mutual fund members. It has become a very valuable tool for conversations internally at firms between management and the boards of directors because we can tier the results by asset size. So, firms can look across their peer group and see how their information security programs match to industry practice. Everything’s anonymous, everything’s aggregated. But they now have this very valuable tool to initiate conversations.
Ortbals-Tibbs: In addition to this survey, there’s also a lot of work going on with in-person knowledge sharing.
Salmon: There is, and we continuously do that in the United States with our members, and we do that abroad in various jurisdictions. Coming up in October, we’re going to be in Australia working together with Financial Services Council, bringing our members together, their members together, and connecting them with each other and with law enforcement down there, which we think is a key component to a successful program.
Ortbals-Tibbs: That’s new. You’ve globe-trotted quite a bit for ICI, trying to really bring together these cybersecurity communities on behalf of our members, but this is a new region.
Salmon: This is a new region. We’ve been in Europe, and in Asia, and Japan. Obviously, the United States is where we started, but this has been a very successful program, and I think our members greatly appreciate the connections that they’re forming.
Ortbals-Tibbs: So now, let’s move back stateside. You also have a major conference coming here.
Salmon: We do, in December. This’ll be the third year that we have a one-day cybersecurity forum, and we have some exciting things lined up. We have a speaker that’s going to be talking about cyber Watson, and applications that will help improve mitigating cyberthreats and the AI space, which is very promising. And we have several panels, like we always do. We’re going to be talking about some very timely topics: data exfiltration and what firms should be concerned about in that area; migrating to the cloud—the pros and cons of that, and that’s particularly timely as folks look to migrate applications to the public cloud; and also establishing security with your stakeholders such that it creates trust, as opposed to this Big Brother looking over your shoulder, and how do you navigate those waters.
Ortbals-Tibbs: Peter, one of the remarkable things about your conference is that it’s one of those where you never run the risk that the content’s going to be a repeat from the year before.
Salmon: No, they’re all different, and this is not a technical conference. This conference is really geared for compliance, for risk, for trustees to come and hear from technologists, and the panels are moderated by members from our CISO [chief information security officer] group, in plain English—how these threats are mitigated, how they approach these different initiatives, and I think they can all walk away and take things back to their shop that they can actually implement.