Since October is National Cyber Security Awareness month, we wanted to share how we approach cybersecurity and provide you with tips on how to protect your data. Throughout this month, federal agencies try to educate the public and private sector about various cyber threats and offers tips and best practices about how to stay safe online.
Fort Pitt Capital has a deep-rooted culture of doing what’s best for our clients. We are also mandated by the Securities and Exchange Commission (SEC) to safeguard our client’s personal information. We follow a framework created by the National Institute of Standards and Technology (NIST) to develop and manage our cybersecurity program. The program has five parts to it: identify, protect, detect, respond, and recover. We also work with outside IT network providers, IT auditors, and regulatory compliance consultants to help guide our policies and controls.
Our cybersecurity policies are examined by regulatory bodies, including the SEC, but we also hire external auditors to conduct network scanning and penetration testing. Our main IT service provider is also very forward looking, and we have worked together to implement programs to protect client information. These include a program that finds and documents all personal client data, and reports both the type of information and file location. From this exercise, we learned that hackers could potentially steal personal information from deleted files, so we built a program to write over deleted data to make sure it is permanently erased. Recently, Fort Pitt has implemented a “zero day” monitoring program so that we can almost immediately detect a network intrusion and/or data leakage.
We provide ongoing cybersecurity training for our employees, and have worked very hard to educate them on best practices. We frequently publish blog posts to help educate our clients on topics regarding cybersecurity, with the goal of creating greater awareness and preparedness.