This Hedgeweek Special Report unravels the threats and outlines the cybersecurity solutions and processes being developed to ensure fund managers can navigate securely through this perilous digital environment.
The 'Cybersecurity in Europe 2017' special report comprises seven separate articles listed below, these can be read individually or as a sequence.
Next year sees the introduction of a comprehensive piece of European regulation that will overtly change the way that organisations handle, store and protect data. Known as the EU General Data Protection Regulation (GDPR), it arguably represents the most significant change in global privacy law in 20 years and will require fund managers to shore up their cybersecurity processes and procedures to avoid facing financial penalties.
By George Ralph (pictured), RFA – Cybersecurity has never been as important as it is today. Cyber attacks are becoming ever more ambitious and overt. The two big recent malware attacks, Petya and WannaCry both used phishing attacks to spread malware through networks, with Petya in particular, engaging sophisticated, multi-pronged methods which renders the user's computer inoperable, but also provides the hackers with full access to the usernames and passwords stolen from the computer.
According to the PhishMe 2016 Q3 Malware Review, the proportion of phishing emails containing ransomware grew to 97.25 per cent in Q3 last year. This is a threat that is becoming more sophisticated, and more targeted. Not only that, but the frequency of attacks is at an all-time high.
Business has changed markedly over the last few years thanks to the rise and sophistication of digital technologies. As asset managers have evolved to become more automated and utilise a plethora of solutions to manage data, they have unavoidably become more vulnerable to serious cyber attacks. The simple fact is, cyber criminals have an exponentially higher number of attack surfaces to utilise, from cloud computing systems to mobile devices and the Internet of Things.
The Cybersecurity phenomenon has completely changed the game in both the investment management industry and the broader financial services sector.
Ransomware, malicious code that encrypts files and demands a ransom to decrypt, has been around for years, but why is this most recent version so successful? The answer is bitcoin.
The average hedge fund is often a lean operation with limited headcount, which leans more towards the front office. As such, areas such as IT and cybersecurity are typically outsourced. Many have chosen not to hire CISOs but have instead chosen to appoint outsourced partners/consultants to conduct risk assessments, including appraising the manager's third party vendor relationships.