The average hedge fund is often a lean operation with limited headcount, which leans more towards the front office. As such, areas such as IT and cybersecurity are typically outsourced. Many have chosen not to hire CISOs but have instead chosen to appoint outsourced partners/consultants to conduct risk assessments, including appraising the manager’s third party vendor relationships.  “We are one of the largest counterparties to some of our clients: we provide their IT, we are custodians of their data and we provide systems that enable them to run their business,” comments Viktor Tadijanovic (pictured), Founding Member and CTO of New

Ransomware, malicious code that encrypts files and demands a ransom to decrypt, has been around for years, but why is this most recent version so successful? The answer is bitcoin.  Bitcoin provides a method by which hackers may remain anonymous yet still have a way to monetise attacks without creating a money trail. But whereas most public ransomware attacks to date have tended to be low-scale and relatively unsophisticated, the Internet of Things means that billions of devices are now connected, presenting a surfeit of attack surfaces for cyber criminals. Not only that, but the ambition of ransomware attacks has

The Cybersecurity phenomenon has completely changed the game in both the investment management industry and the broader financial services sector.  Attacks on fund managers, investment advisers and other fiduciaries (“Fund Managers”) are increasing in frequency, sophistication and severity. And both the regulators and the investor community have been paying close attention. To responsibly manage Cybersecurity risk, Fund Managers need to, at minimum: (i) understand certain existing legal obligations and an evolving regulatory focus; (ii) comprehend fundamental IT and technology principles; (iii) monitor evolving threats, technologies and attack protocols; (iv) appreciate its data use and information work flows; and (v) simultaneously manage its employees’

Business has changed markedly over the last few years thanks to the rise and sophistication of digital technologies. As asset managers have evolved to become more automated and utilise a plethora of solutions to manage data, they have unavoidably become more vulnerable to serious cyber attacks. The simple fact is, cyber criminals have an exponentially higher number of attack surfaces to utilise, from cloud computing systems to mobile devices and the Internet of Things.  “What was once a limited attack surface not extending beyond an organisation’s firewall has become practically unmanageable,” says Jay Kaplan (pictured), CEO and co-founder of Synack.

By George Ralph (pictured), RFA – Cybersecurity has never been as important as it is today. Cyber attacks are becoming ever more ambitious and overt. The two big recent malware attacks, Petya and WannaCry both used phishing attacks to spread malware through networks, with Petya in particular, engaging sophisticated, multi-pronged methods which renders the user’s computer inoperable, but also provides the hackers with full access to the usernames and passwords stolen from the computer. The Cyber Security Breaches Survey 2017, published by the Department for Culture, Media and Sport and undertaken by Ipsos Mori stated some frightening figures about the

Next year sees the introduction of a comprehensive piece of European regulation that will overtly change the way that organisations handle, store and protect data. Known as the EU General Data Protection Regulation (GDPR), it arguably represents the most significant change in global privacy law in 20 years and will require fund managers to shore up their cybersecurity processes and procedures to avoid facing financial penalties.  GDPR is due to be implemented in May 2018 and places important new obligations on any business that handles the data of individuals living in the EU, independent of where the business is located.