Best Practices To Manage Hedge Fund Cybersecurity Risks

As we’ve seen this week with another world wide ransom cyber security virus attacking corporate firms, cybersecurity is a critical business issue for hedge funds and other investment management firms too. The financial conse- quences of a cyber attack can be significant and could result in a serious im- pact to a firm’s reputation. Not surprisingly, cybersecurity is also a growing concern for regulators, and an area where fund managers are increasing their focus.

Critical cyber risks for hedge funds and other investment managers

A number of cybersecurity issues are of particular concern for investment managers, including protection of investor information, intellectual property, trade execution, fraudulent activity, cybersecurity compliance, & loss of reputation.

Hedge funds maintain sensitive data (e.g., names, social security and bank account numbers) of high net-worth individuals and institutional investors. Given the profile of these clients, this sensitive information can be particu- larly enticing to hackers.

Hedge funds also must carefully safeguard proprietary trading algorithms, investment strategies, and other forms of intellectual property (IP). Hackers understand how valuable this information is to funds and a cyber attack may focus on stealing an algorithm, source code, or other information asset to hold for ransom. Hackers and viruses could also potentially disrupt systems that execute trades.

Fraudulent trading activity and electronic transfers of funds are also key concerns. In a recent attack in the news, hackers broke into a hedge fund system and gained access to execute wire transfers. Firms must secure access to all trading and treasury functions, guarding against potential external and internal fraudulent activity.

Further, hedge fund managers face cybersecurity and privacy compliance concerns. Regulators require managers to sufficiently pro- tect investor information, and to have preventative plans in place. Given the impact a cyber attack could have on fund investors and the attention that regulators are currently paying to cybersecurity, it is likely that we will see additional regulation in this space in the near future. As we have seen in recent years in the broader financial sector, new regulations come at a cost to those required to com- ply. New funds and smaller existing funds may struggle to manage the cost of compliance while still taking adequate action to stay within regulations, hence why using a MSP (Managed Service Provider) like Storm IT Financial, eases the burden of cost, expertise and knowledge to the alternative investment firms we partner with.

Finally, potential loss of reputation adds another dimension to cyber risk. Strong reputations are hard-won and easily lost in the hedge fund world, and being the victim of a cyber attack can prove fatal for businesses. Indeed, investors have increased their due diligence on the issue. Hedge funds are seeing a higher level of focus on cybersecurity within Requests for Proposal (RFPs), a sure sign that it’s a priority for their high net worth and institutional clients.

Be proactive to head off risks

Hedge funds and other investment managers face a unique set of challenges in planning for and protecting against cyber attacks. As profit centres and keepers of valuable investor and trading information, hedge funds represent an especially attractive target. Cyber attackers are constantly becoming more sophisticated and better organised. The fallout can be highly damaging to money managers in the competitive and reputation-driven world of financial investing. Firms must be proactive in implementing best practices to safeguard against attacks, while preparing themselves to respond quickly and effectively should a breach occur.

For more information on Hedge Fund, Asset Management, Private Equity & Alternative Investment cyber security & firewall, data back- up, disaster recovery & failover advice, cloud & IT Services, feel free to contact Storm IT Financial.

Storm IT Financial FinTech News & Trends picks: Week 26th June – 30th June 2017

IHS Markit launches RPA Manager for buy-side

IHS Markit launches a comprehensive service helping asset managers ac- quire investment research in compliance with MiFID II:

https://www.finextra.com/pressarticle/69878/ihs-markit-launches-rpa-manager-for-buy-side

Global cyber attack likely cover for malware installation in Ukraine: police official

The primary target of the crippling computer virus is highly likely to have been the Ukraine computer infrastructure:

http://uk.reuters.com/article/us-cyber-attack-ukraine-idUKKBN19K1WI

Firms need to regain control in the war on cybercrime

This week has seen another global cyber attack, bringing leading brands to their knees and making others fearful of future attacks:

http://www.cityam.com/267512/firms-need-regain-control-war-cybercrime

How regulation and market priorities drive fintech focus globally The interest in fintech worldwide shows no signs of abating…: http://www.cityam.com/267423/regulation-and-market-priorities-drive-
fintech-focus

Early adopters of new technology in the financial services sector are more successful than their peers, study reveals

Financial services firms who adopt new technologies early outperforming their peers, according to FIS Group:

http://www.cityam.com/267364/early-adopters-new-technology-financial-services-sector

90% of Buy-Side Firms Are at Risk of Non-Compliance by MiFID II Dead- line, JWG Survey Finds

Many buy-side firms believe they are at either high or medium risk of not being compliant by the January 2018 deadline:

http://bit.ly/2sYddzj

Data Security for MiFID II Needs to be Paramount, Warns Silverfinch

Leading regulatory data exchange, highlights importance of securing all data in the lead up to the regulatory step change of MiFID II:

http://bit.ly/2trsyt2

Waymark Tech launches world’s first AI tool to iden- tify crossover between financial regulations

Tech provider of regulatory intelligence software, launches a new AI-powered auto regulator identifier tool:

http://bit.ly/2twMmvm

Citi launches online platform for custody and fund services

Citi has launches comprehensive data and analytics platform using Big Data technology:

http://bit.ly/2uqXxlS

Alternative Data Provider Qineqt said to shut down

Qineqt sought close partnerships with Hedge Funds that could request hard-to-find data:

http://bit.ly/2stiGuo

Ensono Acquires UK-based Microsoft Azure Service Provider Inframon

Hybrid IT leader Ensono acquires 2017 Microsoft Cloud Productivity Partner of the Year to expand service ca- pabilities

http://prn.to/2u62G3y

Capita sells Asset Services division for £888m

Capita has permanently outsourced its Asset Services businesses to Link Administration for £888m:

http://bit.ly/2so2CyQ