Hedge fund managers ‘need a cybersecurity response plan’

Cybersecurity has become the hot topic that continues to gain importance and attention throughout the alternative investment industry and having in place a ‘cybersecurity response plan’ is vital if hedge fund managers in London are to deal effectively with this growing threat.

Over the past few years, as regulations have changed and investors increasingly seek transparency, hedge funds are spending more time and expense than ever dealing in IT related issues. As the investment industry landscape is becoming more and more competitive, investors are raising their expectations and looking towards funds that display the highest levels of IT operational excellence.

Calculating potential risks and vulnerabilities is an important step on the cybersecurity front, but understanding your firm’s risks and exposures is critical, something Storm IT Financial does working in partnership with clients and conducting regular IT Audits. With employee access to your hedge fund’s data, systems, financials or other proprietary data, your firms risk is inherently high.

This has been especially highlighted with this week’s global ‘WannaCry’ ransomware cyberattack.

It can be imagined that with certain types of attacks, the ‘internal response capabilities’ of managers could be insufficient in the expertise needed to respond appropriately. Confusion over the responsibility stemming from the fact that cybersecurity is seen as being principally an IT issue. This event has been an eye-opener regarding the complexity when dealing with the fallout from this week’s global ransomware cyberattack. It is also very timely, in light of the heightened regulatory focus, including firms’ implementation of cybersecurity procedures and controls.

Hedge Fund Cybersecurity Immediate Trend: Policies and Procedures to Prevent Hedge Fund Data Breaches

Cyber threats targeting hedge funds are on the rise, and firms need to focus on preventing breaches rather than simply reacting to them. The impact of just one attack, such as a ‘phishing attack’ as we’ve seen this week, targeting just one employee can have far reaching consequences for an entire hedge fund. One attack can potentially total thousands in monetary damages and open the hedge fund up to further attacks by weakening internal networks. It is almost guaranteed that firms will encounter potential cyber breaches, so it essential to implement policies and procedures that minimize the risk. In addition to creating policies and procedures, firms should dedicate time to train employees on how to identify and respond to potential threats. While it is impossible to completely remove hu- man error, investing in routine company wide training sessions can help greatly reduce the risk. This is something we at Storm IT Finan- cial, being as a responsible MSP, recognise and put on for our clients, on an ongoing basis. Education and training sessions are key to avoiding breaches in the future.

Hedge fund managers should speak to their IT  team or MSP, like Storm IT Financial, about their ability to respond to realistic cyberat- tacks that might be directed against them. These included data theft and leakage of internal sensitive data, financial infrastructure attacks and crypto ransomware, like we’ve seen this week.

Cybersecurity has emerged as a critical area of focus for the entire financial services sector. In its continual process of providing practi- cal help to all of its key stakeholders, Storm IT Financial has developed timely and practical guidance to help firms manage this com- plex and important area of risk. Disaster recovery and back up solutions are imperative too, for this process.

Alternative Fund managers should revisit their own approach or speak to their managed service provider, like we have, if they haven’t been in contact already, based on the cyberattacks we’ve seen this week.

For further Hedge Fund/Alternative Investment Cybersecurity advice, assistance or technology query, please call Storm IT Financial.

Storm IT Financial FinTech News & Trends picks: Week 15th May – 19th May 2017

WannaCrypt attacks: guidance for Azure customers

Due to the recent global WannaCrypt ransomware attack, Azure custom- ers take the following 8 steps:

https://azure.microsoft.com/en-us/blog/wannacrypt-attacks-guidance-for-azure-customers/

Azure, Office 365, Dynamics 365: Microsoft’s cloud just grew its reach with new regions

Taking its cloud region count to 40, Microsoft will be offering its services from datacenters in Africa

http://zd.net/2pSzsXo

WannaCry ransomware cyber attack: A final warning for banks and fintech

It was the most high profile cyber attack in some time:

http://www.cityam.com/264729/wannacry-ransomware-cyber-attack-final-warning-banks-and

Cloud computing goes beyond tipping point in financial services, says DTCC

Cloud computing has reached a ‘tipping point’ in financial services:

http://bit.ly/2qrD8Oh

AWS with ‘stable’ global market share but slower growth than Mi- crosoft and Google

AWS’ growth is still at 43% while Microsoft continues to be the quickest growing of the hypervendors at 93% growth:

http://bit.ly/2qyv7ar

NASDAQ Leverages AI With New Technology Platform For Buy Side Firms

NASDAQ has debuted a new technology platform for hedge funds and other buyside firms:

http://www.finalternatives.com/node/35169

Banks’ defences hold firm in global cyber attack

Banks have invested heavily to protect against ransomware and other cyber attacks but experts warn against complacency:

https://www.fnlondon.com/articles/banks-cyber-defences-hold-firm-for-now-20170515

Microsoft Bashes NSA Following Massive Ransomware Attacks

Microsoft unleashed its wrath on the NSA, alleging it was responsible for the ransomware attack:

http://www.technewsworld.com/story/84531.html

Massive Ransomware Attack Reaps Meager Profits

The WannaCry ransom attack that quickly circled the globe this week is not yet fully contained:

http://bit.ly/2rljcOy

Which party is even remotely ready for the tech revolution?

The world of work is set to change & it’s a subject our politicians seem scared to address:

http://bit.ly/2qXk5Np

Rabobank enters digital identity market

Rabobank partners with Signicat to provide onboarding new customers:

http://bit.ly/2qitHPs

Japan brings in high speed trading rules

Japan’s FS watchdog introduces HFT rules to demon- strate risk management processes in place:

http://bit.ly/2qAt0n5