How can brokers improve their cyber security?

Following the announcement of Jarmaine’s win, the CISO revealed his top tips for brokers to protect their brokerages’ and their clients’ data.

According to Jarmaine, the aggregator’s cyber security strategy is based on three pillars.

Firstly, LMG focuses on keeping broker and client data safe through business processes and capabilities. Secondly, the aggregator creates a “cyber and privacy aware community” to increase “resilience” to cyber threats. The third pillar of LMG’s security strategy is building customer and partner confidence in LMG’s security systems by holding industry certifications across commercial, residential, and asset finance sectors.

Jarmaine said that as well as aggregators providing cyber support, brokers can also take individual steps to better protect their data and systems.

The CISO recommended that brokers subscribe to a password manager to create and store strong passwords. According to Jarmaine, a password manager makes it almost “impossible” for a hacker to crack and can support brokers by autofilling login details for different sites.

Brokers should also complete regular employee training and awareness programs to ensure they are able to recognise and appropriately respond to cyber threats, according to Jarmaine.

Client data is often stored across different systems, so to ensure that brokers are informed of where their clients’ data is stored, Jarmaine suggested that brokers keep a list of all the data they use to store client information.

The CISO recommended that brokers keep a record of where they store the following information:

• Customer records including credit and debit card details, personal details, account numbers, orders, and payments.
• Business records such as a broker’s business strategy, banking details, and accounting records.
• Intellectual property, such as product development plans or market research.

It is also important to assess how vulnerable each system is to a cyber attack, according to Jarmaine. He said that brokers should ask themselves whether the information they have stored can be accessed by a third party outside of the business.

Jarmaine also suggested that brokers do not keep all data on the same platform as the business may “risk losing everything”. He said that a broker should regularly back up their data and test the data for recovery.

There are also a number of technical controls that can be implemented to better secure data, Jarmaine said. He recommended that brokers install a firewall to block unauthorised access to systems.

A simple way to protect computers and laptops from cyber threats is to set up auto updates on antivirus software, applications, and operating systems. Brokers should also ensure that any sensitive data is encrypted and should conduct regular security audits to identify potential security gaps, according to the CISO.

Jarmaine commented on receiving the CISO of the Year award at Cyber Daily’s Australian Cyber Security Summit 2024: “This recognition is a testament to LMG’s proactive approach to integrating advanced security measures and educational programs that safeguard our brokers and their clients.

“It’s been a collective effort aimed at innovation and excellence in cyber security.”

David McQueen, LMG’s group executive of risk and strategic partnerships, said that the award reflected the aggregator’s promise to keep brokers safe through “robust cyber security measures”.

He continued: “Keeping our brokers safe is a key promise that LMG works hard to deliver on. We’re so proud of Luke and the team for their dedication to safeguarding brokers’ data and operations, ensuring they can focus on what matters most: helping their clients and growing their businesses with confidence.

“The award recognises Luke’s expertise and commitment, and I congratulate him on this great achievement.”

[Related: LMG introduces ‘industry-first’ cyber coach]