The Standards Board for Alternative Investments (SBAI) has released a new cybersecurity memo which focuses on small and medium-sized alternative investment managers.
The new memo, which is part of the SBAI’s Toolbox, aims to help firms shape their cybersecurity strategies and risk oversight arrangements.
The new memo provides a series of practical tools smaller and mid-sized alternative investment managers can consider, including: a cyber defence framework; a basic cyber hygiene implementation (the SBAI Basic Approach); due diligence of managed IT service providers; an overview of regulatory expectations; examples of contractual requirements for technology service providers; and asSummary of cyber security testing options.
Thomas Deinet, Executive Director of the Standards Board, says: “Cyber Security has become a heightened area of focus in recent years, with rising expectations from both investors and regulators. The new memo covers a series of practical steps that smaller managers can take to bolster their cyber defences and provides resources such as regulatory expectations, checklists and guides.”
Bill Trent, Managing Director, Strategic Advisory at Context IS, a leading adviser and technical services provider to the financial services industry, says: “Cyber security is much more than a technical challenge – it also requires the leadership of alternative investment businesses to understand and drive improvements in organisation and operations to improve resistance to cyber-attacks and their resilience. Practical and effective guidance is in short supply; but the SBAI toolkit offers firms genuinely useful advice.”
Nicolas Miller, Founder of Aedile Consulting, says: “Cyber security as a topic is often presented with unnecessary complexity, used to mask the simple truth that effective cyber security is far more easily achieved through a few, basic steps than through the procurement of a vast array of expensive cyber security solutions and products. The advice from SBAI helps firms focus on the low cost and effective steps that managers of all size should be taking. It helps managers better understand the firms postures and the associated risks they are taking.”
Kelli Walter, COO at Voss Capital, a signatory to the Alternative Investment Standards, says: “Smaller managers won’t have the extensive internal resources of large managers, but our systems and processes are also typically more straightforward. The SBAI’s new cyber-security memo provides a valuable roadmap of the key steps smaller managers can take to mitigate cyber risk.”