Strengthening security through policy review, training and communication
Firms can take a belt-and-braces approach to the security of the systems and tools they deploy, but staff training and communication can make or break their chances of success.
“We recommend overhauling policies and procedures, and implementing these via training which happens at induction and regular points thereafter,” advises George Ralph, managing director at RFA.
Cybersecurity has become a board-level concern and many clients now prioritise it in their risk register. With SMCR (the Senior Managers and Certification Regime) reigniting its importance and the question of who is responsible for it, cybersecurity now also features heavily as a standard element in every ODD (operational due diligence) exercise. Essentially, if the investors are asking about it, fund managers have to prioritise it.
How far along the spectrum of cybersecurity a firm chooses to go depends on their risk appetite. Ralph points out: “Some firms have a very low risk appetite and require the full portfolio of device and network security tools, user training and penetration testing. They would need a full rewrite of policies and procedures, locked down devices, a ban on external USB drives, no downloads and locked down printing.
“We would always undertake a risk management analysis exercise to understand what the client is trying to achieve and how low their appetite for risk is, versus their budget and expectations. The key is also ensuring you adapt the solutions to the working patterns of the team. For example, if you have a fully remote workforce you need to ensure that the tools are protecting them in a zero trust approach without preventing work efficiency. You also need to enable proactive issue detection on the end-points as they may not have immediate access to technical support.”
The industry's progression from intrusion detection to intrusion prevention is an important step to highlight. Detection can be considered quite a passive practice: the firm waits for the intruder, detects the intrusion when it happens and only then takes action. “This is the old way of doing things,” says Ralph. “Our systems are proactive, continually scanning and assessing the network but more importantly, the end-points, to identify and highlight activity that may be deemed as preceding an incident, or that is anomalous – even in the smallest way, and could lead to an incident.
“The fact that we monitor the end-points is very important given the current remote working situation. It supports the almost certain move to a hybrid working environment, whereby users will be working in a combination of ways, some permanently remote, some using the office occasionally and others back in the office full time.”
The end-point monitoring and detection solution by RFA uses AI enabled tools to identify patterns or behaviours that may be deemed anomalous and take action, regardless of whether the device sits inside or outside of the corporate network.
“AI enabled ops tools are very important across the IT estate, especially where automation is concerned. If key workflows and business processes can be automated intelligently, using AI tools, firms can benefit from cost and time savings. They can also see higher accuracy rates and more timely processes,” Ralph comments. “This is particularly relevant when looking to meet regulatory obligations since accuracy and efficacy are particularly crucial in this context. Removing that human element from some processes means reducing the risk of both key man dependency and human error.”
George Ralph, Managing Director, RFA
George Ralph CITP has successfully founded three technology firms and has provided C-level advisory services, including M&A, to numerous firms. George is a true leader and has been managing teams internationally, and leading technology transformation projects, for over 20 years. A certified GDPR and cyber assessor, auditor and architect, and a widely experienced cybersecurity and RegTech professional, George has extensive technical experience in network and server architecture, large-scale migrations utilising leading technology brands, and IaaS offerings.