CIRO conducted two cybersecurity table-top exercises in 2023 for small and medium-sized CIRO member firms. The exercises were designed as a series of case studies where participants discussed crisis responses in small facilitated groups. The goal of the exercises was for small and medium-sized member firms to strengthen their cybersecurity resilience by sharing information and gaining knowledge from peers in the investment industry and from experts in the fields of cybersecurity risk, privacy law, and cyber insurance.
As a result of the exercise, we are publishing a Ransomware Response Playbook which outlines the high-level steps that a member firm needs to take to ensure a timely, coordinated and effective response to a ransomware attack.
In 2018, IIROC, one of the predecessor organizations to CIRO, conducted a table-top exercise for small and medium-sized IIROC member firms. Following the success of that exercise, and as stated in our 2022-2023 Compliance Priorities and Annual Priorities, CIRO hosted another exercise in 2023 for the new combined membership of investment dealers and mutual fund dealers.
The exercises were focused on small and medium-sized member firms because they don’t typically have the resources of larger member firms to manage cyber risks. The objectives of the exercise were to:
The exercises were designed as two separate case studies – a Ransomware incident, and an Insider Threat event – which focused on threat detection, response coordination, and assessment of impact.
The exercise was conducted in two locations – in Toronto on October 26, 2023, and in Calgary on November 1, 2023. Participants were divided into working groups where they role-played in pre-defined positions within a typical member firm and discussed crisis responses to the scenarios.
Almost 200 individuals from 128 CIRO member firms participated in the exercises. Participants represented a diverse range of roles within CIRO member firms including Governance, Compliance, Cybersecurity, Information Technology, Operations, Sales, and Finance.
The exercises were supported by a number of experts:
We are very grateful for everyone’s valuable participation and support in making the exercises a success.
Ransomware attacks, which continue to be prevalent and are growing in volume and sophistication, have resulted in significant financial losses and caused considerable reputational damage to a number of companies. A timely, coordinated, and effective response to cyber attacks is essential to protect member firms and their investors, employees, and stakeholders.
We have prepared a Ransomware Response Playbook (PDF) that can be used as a guide when dealing with ransomware incidents. We also published a Cybersecurity – Ransomware Notice in 2021 that provides guidance to member firms on some basic steps to take to prevent, detect, respond to, and recover from a ransomware attack.
Refer to the Cybersecurity & Technology section of our website for additional guides and resources that will help CIRO member firms protect themselves and their clients against cybersecurity threats and attacks.