A Bolt Out of the Blue: What the CrowdStrike Contagion Can Teach Wealth Management Advisors

The July CrowdStrike incident underscores significant cybersecurity concerns for wealth management firms, particularly concerning the interconnectivity and dependencies within their technology infrastructure.
 
 
 
The recent CrowdStrike incident took many industries by surprise and highlighted the importance of cybersecurity for wealth management firms at a time when the SEC is focused on cybersecurity regulations. To help analyze the impact of the Crowdstrike shutdown on the wealth management industry, FusionIQ’s Information Security Officer, John Messinger, was asked to share his insights on the event and outline how wealth management firms can prevent similar situations from occurring in the future.

 

John Messinger, Information Security Officer, FusionIQ:
 

The July CrowdStrike incident underscores significant cybersecurity concerns for wealth management firms, particularly concerning the interconnectivity and dependencies within their technology infrastructure. This event is a stark reminder of the potential risks associated with relying heavily on single vendors or systems. The impact, although not malicious, highlights the necessity for robust contingency plans and diversified security measures that are architected with disaster recovery as a key requirement.

Many lessons can be learned from this event, including the importance of comprehensive testing protocols and staged rollouts for updates and patches to prevent widespread disruptions. Wealth management firms should prioritize a well-defined incident response plan incorporating more than just threats and exploits, with a system architecture emphasizing a disaster recovery capability incorporating automation. Automation is crucial in maintaining the availability of key systems and functions at scale, ensuring swift recovery with minimal manual intervention.
 

To mitigate similar incidents, firms should invest in regular assessments of their vendors, audit their incident response plans, incorporate continuous monitoring, and deploy disaster recovery solutions that leverage automated processes. These measures will enhance resilience and ensure that disruptions are swiftly addressed, minimizing the impact on operations and client data, safeguarding the firm’s reputation and client trust.

Read the full AdvisorHub article here
Picture of John Messinger<br>Information Security Officer
John Messinger
Information Security Officer

John is a seasoned cybersecurity expert, bringing more than 20 years of experience in national security, finance, and technology to his role as FusionIQ’s Information Security Officer. John is focused on delivering advanced data security and systems, leading FusionIQ’s SOC 2 Compliance program and ensuring top-tier security to protect client data.

John's career began with U.S. Army Intelligence and the National Security Agency, where he honed his skills in global operations and cybersecurity. He has since led cloud transformations at T. Rowe Price and Duke Energy, and advanced cloud security and risk management at RSA Security, while developing AI deep learning models for threat detection. John holds a master’s degree in cybersecurity technology and has multiple cloud and cybersecurity certifications.

jmessinger@fusioniq.io | Connect on LinkedIn

Scroll to Top