Log In

Photo by Valeriya21 from Getty Images Pro

6 Easy Cyber Initiatives to Add Value to Your Client Relationships

By Karen Stephens // Bcyber
Guest Contributor

In the financial advice arena, some tenets remain unchanged. For example, all financial advisors want deeper client relationships and to build a more sustainable business model. Standing out from an increasingly homogeneous advice market doesn’t have to be expensive or time-intensive, but it does mean a little lateral thinking.

Introducing cyber safety initiatives for clients is one way to differentiate your advice firm from your competitors and add value to your clients beyond just investment and insurance advice, all while boosting your own firm’s human firewall. To help you take the first steps, here are six easy cyber initiatives you can implement that have a real and positive impact on your clients and your business: 

1. Cybersecurity tips on a regular basis

Cybersecurity training shouldn’t be a  “one and done” program. Cyber awareness is more likely to stick if you present shorter tips regularly, rather than delivering it all at once. For example, if you have a client newsletter, you can simply add one handy hint each time you send it out. Other ideas may be to add a few cybersecurity tips at the end or any “lunch and learns” or client events. If you’re not sure what tips to share, check out the Friday Files on the BCyber website and borrow a few of ours.

2. Build cyber awareness into your onboarding and annual reviews

The onboarding process is one of the most important processes for any advice firm. It sets the framework for your entire relationship, while the ongoing reviews serve as important checkpoints in fulfilling that promise. Part of the onboarding process could be educating clients on recent breaches, recommending password changes or helping them set up multi-factor authentication for their online accounts. And then during reviews, you can impart additional practical tips as part of the process. By incorporating cyber awareness into your onboarding and review processes, advisors provide additional value in helping protect client data, assets and information.

3. Don’t forget mobile phone and personal devices

During the pandemic mobile devices have become a favorite attack target, and this trend is not likely to decrease any time soon. Here are three things you can help your clients do to better secure their mobile devices:

  • Complete an app audit: The average person has 40 apps installed on the phone but the majority of time is spent on 18 of them, so if your client hasn’t used an app in the last month, maybe it’s time for it to go. Old or unused apps may not be kept updated and can house serious security flaws that make it easy for cybercriminals to compromise your device
  • Review app permissions: By default, apps may have access to all sorts of information, settings and other tools. It’s important to take the time to think through whether they really need access to your contacts, location, camera, etc.
  • Install anti-virus protection: If your clients don’t have anti-virus software installed on their phones and personal devices, then make sure they do. You could then incorporate reminders to update their software as part of your regular communications and reviews.

4. Social media use

Cybercriminals do not have to be spies to find out personal information about most people—information that’s often used for passwords and security questions. Personal data such as birthdate, first school, names of children, spouses, etc. can easily be found on social media accounts. Recommending clients tighten their privacy settings will make their data harder to get and better protect them in the long run. 

Remember, the security questions are for you to know, provided you can remember the answer, so they don’t have to be “truthful”. No one will check to see if your first pet’s name really was Rex.

5. Good password hygiene is forever

Good password practices should not stop once you are at home or have stopped working and are enjoying retirement. Firms can expand the use of their own password policies and provide clients with a quick password checklist that’s based on real-world security measures. And if you’re stuck on what password guidelines to share, check out my previous post.

6. Actions speak louder than words

When you’re encouraging your clients to become cyber aware, always lead by example. For instance, calling to reconfirm that instructions are actually from the client (and not someone posing as them) is simple and effective and allows you to have another touchpoint with your client. If you want to implement phone confirmations as a security measure, here are some client requests/instructions to consider:

  • Money withdrawal requests 
  • Adding new banking instructions 
  • Changes to account authorizations
  • New contact details

The fastest way to erode your hard-earned client loyalty and trust is with a data breach. While your firm is undoubtedly doing everything it can with all manner of security initiatives, human error is the number one cybersecurity threat to businesses in 2021. A recent IBM report found that human error is a major contributing cause in 95% of all breaches. So focusing on informing and educating everyone associated with your firm, including your clients, is key to hardening your cybersecurity resilience. Finally, the importance of delivery consistency can not be overstated as it contributes towards building your brand image, building client trust and deepening your client relationships. So, if you decide to incorporate any of the above suggestions, you need to be prepared to not just deliver them as a once-off exercise, but build regular cyber awareness initiatives into your ongoing client relationship programs.

Introducing cyber initiatives is mutually beneficial for your clients and your firm. It will better protect data and assets and will help bolster your entire human firewall, so there’s no time like the present to get started!

Get our latests insights delivered straight to your inbox.


About BCyber Pty Ltd

BCyber is a cyber risk mitigation company that works with advice groups to review and harden their cyber risk programs and grow their businesses. We use our own proprietary services and distribute a select number of innovative third-party solutions to strengthen cybersecurity postures. Each of BCyber’s co-founders has over 20+years in financial services before moving into the cybersecurity space. They speak and understand the language of the advice business and cybersecurity. Supported by the BCyber Chairman – Jack Diamond (a 20 year Board veteran) the team wants to bring cybersecurity out from the pure tech space into the advice world.

Learn more at

Karen Stephens

Karen is CEO and co-founder of BCyber. After over 20 years in financial services, Karen moved into bringing cybersecurity risk management to small and medium enterprises (SMEs), with a keen focus on financial advice SMEs. BCyber is an agile, innovative group who works with SMEs to protect and grow their business, by demystifying the technical and helping them to identify and address cybersecurity and governance risk gaps.

A supporter of women in finance, she is now actively involved in the cybersecurity community and was a finalist in the 2020 Australian Regtech Awards - for 'RegTech of The Year - Australian Founded', a finalist in the 2020 AWSN Women in Security Awards - 'Most Promising Newcomer In Any Areas of Protective Security and Resilience', one of seven Australian startups selected to attend the 2021 SOSA/AUSTRADE virtual InsurTerch Bootcamp in Tel Aviv, a finalist in the 2021 Australian Accounting Awards for Innovator of the Year and 2021 finalist in the Efma-Capgemini Financial NewTech Challenge for Insurance Start-up’s (and the only Australian startup selected for this category)

Browse Categories

Check out our newest paper: 9 FinTech Myths Your Firm Should Ditch

Get My Copy