Cybersecurity 101: Protecting Your Wealth in the Digital Age

In today’s fast-paced and technologically advanced world, cyber threats are more prevalent than ever. October is National Cybersecurity Awareness Month, which serves as an important reminder for individuals and businesses alike to take proactive measures to protect their sensitive information. For those with wealth management portfolios, the stakes are particularly high.

At Oppenheimer, protecting our clients' personal and financial data is a top priority. We've implemented industry-leading cybersecurity practices to strengthen our defenses. By integrating the National Institute of Standards and Technology (NIST) Cybersecurity Framework into our risk management program, we have enhanced our ability to identify, manage, and eliminate cyber threats.

• Leveraging third-party cybersecurity firms for network monitoring, endpoint protection, vulnerability assessments, and penetration testing.
• Partnering with cybersecurity consultants and auditors to assess and improve our protocols through exercises like tabletop scenarios and incident response evaluations.
• Conducting regular system scans to identify and address critical vulnerabilities.
• Providing ongoing employee training, including phishing simulations, to raise awareness and reduce risk.
• Oppenheimer’s security measures also include industry-standard insurance through SIPC, as well as cybersecurity insurance protection for client accounts.

Cybercriminals often target financial accounts and personal data with sophisticated tactics, seeking to exploit vulnerabilities and gain access to your hard-earned assets. Therefore, understanding how to protect your wealth management information is crucial. Below are a few key cybersecurity practices to help you safeguard your financial future.

You can reduce your risk of a cyberattack and help to ensure that your devices and home networks are protected by implementing these tactics:

• Update your software: Software updates often contain patches for security vulnerabilities that hackers aim to exploit. Be sure to regularly update your devices, including smartphones, computers, and any other gadgets connected to your network.
• Use strong antivirus software: Antivirus software can offer an extra layer of protection by detecting and blocking malware or other harmful activity.
• Set up a secure Wi-Fi network: Your home network should be both password-protected and encrypted. Avoid accessing sensitive financial accounts over public or unsecured Wi-Fi networks, which are more vulnerable to attacks.
• Utilize Strong, Unique Passwords: Using weak passwords, and using the same password for multiple applications can make it much easier for hackers to gain access to your accounts. Use unique passwords that are difficult to guess for each of your financial accounts.Length and complexity: Aim for passwords that are at least 12 characters long, and include a mix of uppercase and lowercase letters, numbers, and symbols.
• Passphrases: Consider using passphrases; for example, use the first letters of a phrase you will remember to create the password. Example: ‘I was thrilled when my son graduated college in 2024!’ – your password would be: Iwtwmsgci2024!
• No reuse: Use unique passwords. Never use your Oppenheimer password as a password anywhere else.

Multi-factor authentication (MFA) is one of the most effective ways to protect your wealth management accounts by adding an extra layer of protection. This method requires users to verify their identity through two or more methods, such as a password and a unique code sent to your phone.

View Oppenheimer’s MFA page to learn more about enhancing your account security on our Client Access Web Portal and the Oppenheimer Mobile App.

In phishing scams, cybercriminals will attempt to trick you into providing sensitive information, often through fake emails, texts, or phone calls that can appear to be legitimate. Sometimes these attacks can be difficult to spot as they have become more advanced over time.

• Verify before you click: Always verify the source of an email or text before clicking on links or downloading attachments. If you have any doubt that a sender is not who they claim to be, contact the company or individual directly to confirm the legitimacy of the message.
• Don’t share personal information: Be cautious about sharing personal or financial information over the phone or via email. Legitimate institutions will never ask you for your password or any sensitive information via email.

• Set up account alerts: Many financial institutions offer alerts for unusual activity or transactions. These alerts can quickly notify you of any suspicious behavior. By actively reviewing your financial accounts, you can catch potential fraud early on.
• View your statements: Frequently check your account balances and statements for unauthorized charges or transactions. The sooner you detect an issue, the easier it will be to resolve.

In conclusion, National Cybersecurity Awareness Month is a timely reminder to assess and strengthen your digital defenses. By securing your devices, enabling multi-factor authentication, and staying vigilant against phishing attempts, you can significantly reduce the risk of cyberattacks.