As you have probably heard, a number of international organizations have become victims of cyber hacking over the past few months. Sony, RSA (a division of EMC Corporation), Lockheed Martin, PBS television, Nintendo and several others have admitted to suffering data losses as a result of security breaches. Experts believe that hackers are getting more sophisticated and more difficult to detect.
Is your fund at risk?
According to Jason Scharfman, managing partner of Corgentum Consulting, information security is often overlooked by hedge fund managers, as they typically do not view cyber hacking as a major threat to their businesses at this time. This assessment is not wholly inaccurate—investment firms have not been prime targets for hackers as of yet. However, consultants and prominent industry managers are strongly recommending that firms proactively conduct an internal examination of their information security policies and systems, as it is nearly impossible to know when or where hackers will choose to strike next.
What types of information are hackers after?
Hackers infiltrate corporate technology environments for a variety of reasons. In the retail arena (such as in the case of TJX Companies and other scandals in recent years) the perpetrator may be seeking customer data such as credit card information or social security numbers. In the investment industry, it is more likely that a hacker will attempt to steal information on a firm’s intellectual property, such as business plans, trading programs, market forecasts and investment strategies.
In order to gain access to the data, hackers may employ a number of different infiltration tactics. For instance, email systems could be hacked such that the perpetrator is able to view confidential messages being sent between employees internally. He or she may also attempt to interrupt Internet connectivity or tamper with important business applications.
It is important to keep in mind that it is not uncommon for hackers to engage in a combination of several strategies simultaneously. The most sophisticated can do so while remaining undetected by the systems they are infiltrating.
Are large funds at a greater risk?
Experts believe that firms of all sizes are at equal risk of becoming victim to cyber security breaches. The largest, most well-known investment management companies present hackers with opportunities to make money off of their large asset pools. Alternatively, hackers are also aware of the long-term value of obtaining the closely-held intellectual property secrets of smaller, rapidly growing funds.
What can be done to protect hedge funds from this type of cyber crime?
While it is nearly impossible to guarantee that your firm is impenetrable to hackers, there are a number of actions that can be taken to greatly decrease cyber security vulnerabilities. First and foremost, funds should evaluate internal policies and procedures to ensure that standard precautions such as password protection, email encryption, up-to-date antivirus software, and physical security measures are in place.
Additionally, it is vital to understand what parties (both internal and external to the organization) have access to what data. If your firm is working with a third-party IT provider, be sure that their data security policies are comprehensive and stringent as well.
Finally, think holistically about where the “perimeters” of your firm’s IT infrastructure lie. With the widespread use of Blackberrys, iPads and laptops, this line is often blurred. Do not overlook these aspects of your technology environment, as they are just as vulnerable to hacking, if not more so, than desktop computers and on-premise networks.
Interested in learning more about information security and how to keep your firm’s data protected? Check out these recent Hedge IT articles:
Key Learnings from the SEC Cyber Risk Guidance Update (Quick Video Recaps)
Hedge Fund Cyber Security, IT Platform: Eze Managed Suite
At Eze Castle Integration, we regularly work with hedge funds and investment firms to implement information security measures that help keep corporate data safe and secure. For more information, contact an Eze Castle representative today.
Source: Leading hedge funds assess threat from cyber criminals, Hedge Funds Review, Photo Credit: Istock and Istock
Categorized under: Security