I was listening to a webinar the other day and one of the presenters said something that really got my attention. A question was asked how do you get employees to care about cybersecurity. The response: If a firm no longer exists due to the payout as a result of a hijacked email request for a wire or a breach in the firm’s security, then the employee has no job, no health insurance, no pension plan…you get the message. Let them know this. Get them involved in the discussion.
If you don’t have a policy for how to handle a wire transfer…get one. All employees should know what to do when they receive an email “from a client” requesting a wire transfer or a check. I recommend one person in the firm that is responsible for verbal confirmation with the client of all wire transfer and check requests before they are submitted to the custodian.