Clearwater Capital Completes Cybersecurity Program Review
/As with many aspects of our lives, Clearwater Capital relies on sophisticated technology to meet the needs of our clients while also keeping the sensitive information gathered in that process safe and secure. Protecting client information is one of our firm’s top priorities, to which we have dedicated a large amount of time and resources. The reason is simple; the Securities and Exchange Commission’s Office of Compliance Inspection and Examinations estimates that 74% of the advisors examined have experienced cyberattacks directly or through one or more of the their vendors.* The bad actors of the world are smart, motivated, and incentivized. Their tactics change frequently, and they are very good at what they do.
As such, Clearwater recently engaged the services of Charles Schwab’s Business Consulting and Education Group to assist us in completing a comprehensive Cybersecurity Evaluation Program. Utilizing the National Institute of Standards and Technology (NIST) Cybersecurity framework as our guide, a team of Clearwater employees representing each functional area of the firm worked with Schwab’s Cybersecurity experts to review, evaluate, and improve our Cybersecurity Policies & Procedures. The team also updated our monitoring processes to further enhance the security of our systems and will continue to monitor the evolution of our business, the industry, technology, and the wide array of threats that exist to proactively make future updates as needed.
While no program is perfect, our review found only minor updates and improvements which reflects the degree of attention that this area of our business has received in the past. While we cannot share the details of our policies, clients of the firm will continue to experience some in action. Secure email transmissions, verbal verifications with the use of security questions, and multifactor authorization on the Clearwater Capital Portal are only the tip of the iceberg that is our Cybersecurity program. We appreciate your patience with these policies as we know they can be cumbersome at times.
In closing, it is our pledge to stay vigilant in protecting our client information. We would also ask that you please be sure to contact us immediately if you ever feel you may be the victim of cybercrime and/or identity theft. We will work with you to safeguard your accounts and your information, which is best done as early as possible.
* Office of Compliance Inspection and Examinations, National Exam Program Risk Alert, Cybersecurity Examination Sweep Summary, Volume IV, Issue 4, February 3, 2015.