Cyber Solutions

Cyber Solutions

We support firms with key cybersecurity testing and documentation.

Get ahead of the SEC’s proposed cybersecurity ruling—and safeguard your firm’s protection of sensitive client and firm information.

Our Cyber Solutions directly align with the SEC’s proposed Cybersecurity Risk Management Rules and Outsourced Provider Rule, which would require advisers to adopt and implement written cybersecurity policies and procedures and produce an annual cyber report.

Our team of cybersecurity and regulatory experts assist firms in building SEC cyber policies and data security programs with documented testing reports to assess the firm’s protection of sensitive client and firm information. We work to thoroughly review and revise existing policies and procedures and create a custom testing program, with the goal of generating sustainable, well-documented cybersecurity programs reflective of industry best practices and regulatory expectations.

Our Services

Policies and Procedures

  • Analyze current practices and advise on any updates necessary to comply with regulatory requirements
  • Draft policies and procedures to align with regulatory requirements

Comprehensive Testing

Annual production of:

  • Documentation of annual risk assessment
  • Recommendations on enhancements to cyber policies and procedures
  • Log of cyber and data security training provided to staff
  • Detailed outline of testing parameters and documentation of findings
  • Assistance with testing material requirements established by cyber policies and procedures
  • Reports of mock phishing simulations
  • Documentation of external / internal network scans and resolved vulnerabilities
  • Facilitation and documentation of incident response and disaster recovery / business continuity tabletop exercises
  • Assistance in maintaining a well-documented vendor management program
    • Maintain an approved vendor list
    • Conduct and document annual vendor due diligence reviews:
      • Summarize vendor due diligence findings
      • Coordinate meeting to review a summary of the completed due diligence reviews
      • Take meeting minutes to evidence oversight

Phishing Training

  • Develop and deploy a custom training program based on phishing results
  • Coordination of ongoing employee phishing training

External and Internal Scans

  • Conduct or coordinate external and internal network scans
  • Provide detailed findings with instructions on how to address any vulnerabilities identified

Threat Monitoring

With our threat monitoring capabilities, we can detect if your company is at risk due to exposed credentials on the dark web, or through a subdomain takeover, so that issues can be corrected before the data is used maliciously. Our services include:

Dark Web Scanning:

  • Scan the dark web using private datasets
  • Produce a report with findings on whether email accounts are identified as being involved in a breach, as well as details of the breach
  • Provide insight on email accounts involved in a data breach and password details so login credentials can be updated

DNS Record Scanning:

  • Scan domain name system (DNS) records to identify current and potential subdomain takeovers
  • Produce a report including vulnerable entries that could be taken over, resulting in your domain being hijacked by a cyber criminal
  • Recommended course of action to address vulnerabilities

Meet Our Cyber Solutions Team

Amber Allen

Amber Allen

General Counsel and Executive Vice President; President, Fairview Cyber

Learn more about Cyber Solutions.

919.706.4100

Contact Us

Industry News

Check out our Flash Reports for the latest SEC- and cybersecurity-related news, trends, and insights.

Annual FINRA Entitlement User Accounts Certification Begins Today

FINRA announced that the 2024 FINRA Entitlement Certification period begins today and must be completed on or before June 17, 2024.

Read More

Five Investment Advisers Charged by the SEC for Marketing Rule Violations

On April 12, 2024, the Securities and Exchange Commission (SEC) announced that it settled charges against five registered investment advisers for Marketing Rule violations.

Read More

Off-Channel Communications and Recordkeeping Among RIAs Remains a Top Priority for SEC

The Securities and Exchange Commission (SEC) has fined several companies in recent months for off-channel communications and record-keeping. At the recent SEC Speaks conference, Sanjay Wadhwa, deputy director of the Division of Enforcement, said the SEC considers several factors in determining the fine amount, including size of the firm, breadth and depth of the violations, whether a firm self-reported, level of cooperation, and more.  

Read More
Fairview

Fairview has been providing streamlined solutions to providers in the financial services industry since 2005. We are part of ViewPoint Partners, our employee-owned parent company for both Fairview and FilePoint, which provides regulatory reporting solutions for registered investment companies.

©2024 Fairview® Investment Services, LLC. All rights reserved.

1330 St. Mary’s St.
Suite 400
Raleigh, NC 27605

info@fairviewinvest.com
919.706.4100
FAX: 800.770.9925