Current market environment performance of dynamic, risk-managed investment solutions.
By David Wismer
As geopolitical tensions in the Middle East heighten global uncertainty, wealth management firms and financial advisers are being reminded that modern conflict rarely stays confined to one region or one form of engagement.
The World Economic Forum and CISA (Cybersecurity and Infrastructure Security Agency) have warned over the past year that geopolitical instability and conflict are reshaping the cyber threat landscape, creating more complex and unpredictable conditions for organizations. That includes the threat of both opportunistic attacks and “coordinated, geopolitically driven operations.”
For firms entrusted with sensitive client data, financial assets, and ongoing complex digital operations, that makes cybersecurity more than a technology concern or compliance task—it is a critical pillar of business resilience and client trust.
Cybersecurity concerns in wealth management are evolving rapidly
While cybersecurity has made headlines this year, it is hardly a new issue for industry professionals. Advances in artificial intelligence over the past decade—and especially the past few years—have raised the stakes for all industry participants.
“The ever-changing cyber threat landscape means each year is unprecedented in nature, with threat actors leveraging every available tool to disrupt operations and undermine trust in the financial sector,” says Teresa Walsh, FS-ISAC’s Chief Intelligence Officer and Managing Director, EMEA.
As an upcoming article in Proactive Advisor Magazine notes, “68% of asset managers and 62% of wealth managers surveyed by Milwaukee-based consulting and accounting firm Wipfli said cybersecurity is a major concern for their businesses in 2026—the third consecutive year it has ranked as a top priority in the firm’s annual survey.
“‘We’re living in a digital world,’ said Robert Zondag, a partner at Wipfli, in the firm’s report. ‘For most firms, the place where business gets done is now online. Client relationships extend across digital channels, from onboarding and portfolio reviews to secure document sharing and communication. Even if client relationships are human and personal, every interaction, transaction and record is captured in a digital environment.’
“Artificial intelligence is amplifying cybersecurity risk through social engineering, using AI-generated audio and video deepfakes, fake IDs, and other fabricated documents, added Matt Sabo, a director at Wipfli, in the report. While most wealth management firms have implemented cybersecurity measures, threats constantly evolve, leaving many firms facing ‘protocol fatigue.’
“‘People know what they should be doing, but the constant vigilance can wear them down,’ Sabo said. ‘The challenge is maintaining discipline and focus, not just on the perimeter, but at the edges where cyber events are most likely to occur.’”
TOP CONCERNS FOR WEALTH MANAGEMENT FIRMS OVER THE NEXT 12 MONTHS
A look at Flexible Plan Investments’ philosophy on cybersecurity
Jeffrey Ingalsbe is the CIO and chief information security officer for Flexible Plan Investments (FPI). He has decades of experience as an information technology (IT) and cybersecurity leader within the automotive, academic, and financial-services industries. Jeff is responsible for overseeing the company’s IT strategy and leads the firm’s efforts to address risk by developing and deploying policies, processes, and technologies, and by engaging employees and business partners in sound cybersecurity practices.
I recently asked Jeff to discuss his broad philosophy regarding cybersecurity best practices in a short Q&A.
Q: How do you define the mission of a cybersecurity program?
JI: At its core, cybersecurity is about protecting three things: confidentiality, integrity, and availability. That means safeguarding sensitive client information, ensuring data remains accurate and unchanged unless it is supposed to change, and keeping systems available for the people who rely on them.
Q: How can advisers and their firms address fundamental cybersecurity concerns?
JI: One of the biggest issues for advisers is that cybersecurity becomes urgent only after something has already gone wrong, whether that is fraud, malware, or a compromised device. My advice is to proactively use all of the expertise available to you, keep software and operating systems updated, install endpoint protection on every device, and continually improve your ability to recognize phishing attempts. I will always make myself available to the financial advisers we work with should they have any questions or concerns.
Q: Why is phishing such a major concern right now?
JI: Artificial intelligence (AI) has made phishing much more convincing. A few years ago, bad grammar, formatting, or obvious inconsistencies often gave fraudulent emails away. Today, many phishing emails look polished and professional, which means both technology and user awareness matter more than ever.
Q: Is AI helping defenders as much as it is helping attackers?
JI: Yes. AI is enhancing both sides. Many of today’s cybersecurity tools, including endpoint protection and network monitoring systems, use AI to improve detection and response capabilities. In practice, firms benefit from that advancement through the security platforms they deploy.
Q: What role does employee training play in cybersecurity?
JI: Training is essential. At FPI, employees complete annual interactive cybersecurity training and testing, and phishing simulations run throughout the year. When someone fails a phishing test, they receive additional training that must be completed successfully. Cybersecurity is not a one-time exercise; it requires constant reinforcement. The goal is to build good workplace practices, not just check a compliance box.
Q: How do you measure success in cybersecurity?
JI: Success is not simply the absence of a breach. A firm could avoid an incident by luck. Real success is doing everything reasonable and within your power to prepare for the attacks that will inevitably come. It is about readiness, discipline, training, and our entire firm taking its responsibility seriously every day.
***
Jeff’s replies reinforce an important message for financial advisers and their clients shared with Proactive Advisor Magazine by a successful wealth manager and advisory-firm consultant.
He says, “In my opinion, cybersecurity is as much about people and habits as it is about technology. The strongest defenses come from good systems combined with informed clients—and a culture where it’s OK to slow things down and ask questions.”