Hedge funds are accelerating investment in cybersecurity as regulatory scrutiny intensifies and threat vectors grow more sophisticated, according to a new industry survey released by the Hedge Fund Association (HFA) in partnership with SeaGlass Technology.
The 2025 Cybersecurity Survey, which gathered responses from more than 400 hedge fund managers, institutional investors and service providers, found that 78% of firms increased their cybersecurity budgets over the past year, highlighting the growing importance of cyber resilience as a core operational priority.
Phishing remains the most prevalent threat facing the industry, cited by 65% of respondents as their primary concern. As cyber risks become more complex, firms are also re-evaluating how they manage security functions, with 42% planning to outsource key elements of their cybersecurity programmes in the next investment cycle.
Operating models across the sector continue to evolve. The survey shows that 45% of respondents rely primarily on in-house cybersecurity teams, while 40% operate hybrid models combining internal resources with external providers. A further 15% have fully outsourced their cybersecurity functions.
While overall cyber maturity is improving, the survey highlights persistent gaps in areas such as the adoption of formal cybersecurity frameworks, the frequency of third-party audits, incident response planning and employee awareness training. Respondents also pointed to uneven remediation timelines following identified vulnerabilities.
A significant number of firms reported experiencing a cybersecurity incident within the past 12 months, with third-party vendors frequently identified as contributing factors. The findings underscore the growing focus on vendor risk management as hedge funds seek to mitigate operational and reputational damage.
Looking ahead, firms plan to prioritise investment in technologies designed to strengthen threat detection and incident response capabilities, alongside enhanced cloud and endpoint security, identity and access management, and greater use of automation to improve efficiency and resilience over the next 12 to 24 months.
