Blog Entries from 01/2014
Last week, we kicked off our 2014 webinar series with our first topic, “Security Incident Response Priorities: How to Prepare Your Firm Before a Breach Occurs” featuring our own VP of Technology, Steve Schoener, along with eSentire’s Chief Technology Officer, Eldon Sprickerhoff. Topics discussed included common threat actors and potential security scenarios to be aware of as well as the importance of planning a response to such attacks.
A Quick Brief
In 2012, IBM reported that companies were attacked an average of 2 million times per week, and unfortunately, the statistics aren’t declining anytime soon. It’s no longer “what if” a security breach or cyber-attack occurs, but when and how it will occur. With targeted attacks that are bypassing existing security infrastructures, the topic of security has become even more important to all firms.
The most common security threat actor lately has been attacks from criminal organizations, most notably international occurrences. Criminal organizations are out for profit and the most difficult to track down, especially in international instances. There has been less impact from Nation States, but these are still threats to be cautious of, along with insiders and hacktivists.
Categorized under: Security
At the end of last year, we predicted security would continue to be a hot topic in 2014 - and our experts agree. It's still such an important topic for hedge funds and investment firms to be educated on that we even dedicated our first webinar of the year to it.
Expert speakers from Eze Castle Integration and eSentire spoke earlier today about security incident response priorities and offered best practices for investment firms looking to plan before a security breach occurs.
Watch the video below and learn more about the three critical phases of security incident management:
Planning is valuable in preparation for any form of event, but is essential in more common situations such as severe winter weather. Depending on where you are located, frequent weather events may not appear dangerous since you have been through them before; but what if this next storm shuts down your power for a week?
Do you know what to do or where to go? Do you have the proper supplies on hand? Weather can be a common disruption that arises quickly and without warning and affects many.
When it comes to keeping your firm’s IT infrastructure running smoothly, it’s critical to perform routine maintenance. Whether you manage your own technology or rely on an outsourced service provider, maintenance plays an important role in keeping your IT running at full speed. Setting priorities and expectations ahead of time will ensure your maintenance is performed successfully and does not negatively impact your firm.
Following are four areas to focus on as you plan your scheduled maintenance with your in-house or outsourced IT staff.
Be clear on who is responsible for what when it comes to the entirety of the maintenance schedule. By planning ahead, you can greatly reduce the time it takes to complete your firm’s maintenance and the resources you will need to complete all tasks.
Categorized under: Hedge Fund Operations
It’s true, the Canadian smartphone maker BlackBerry is preparing to launch a new firmware upgrade to its BB10 OS smartphone, including the Q5, Q10, Z10 and Z30 phones, that will allow Android apps to become available to its users via the BlackBerry World portal.
There is no question the BlackBerry handsets have been struggling because of a significant “app gap.” Consumers have come to expect unimaginable numbers of apps at their fingertips, which can easily be found on iOS and Android.
In the past, BlackBerry only accepted apps created using their own proprietary format. The 10.2.1 upgrade to its BlackBerry operating system will support Android apps.
First of all, let’s clear up what phishing is for those of you who aren’t sure. Phishing is a psychological attack used by cyber criminals in order to trick you into giving up personal information or taking action. Phishing has developed over time.
The term initially described email attacks that would steal your username/password information. Phishing now refers to any message based attack, whether that be email, IM, or on a social media network.
Categorized under: Security
This week we have a contributed post from Deborah Prutzman, CEO of The Regulatory Fundamentals Group.
Since the summer of 2012 the SEC has embarked on a drive to change the culture within financial services firms, including those in the alternatives space. At first the SEC focused on education—both of its staff and of industry participants. Now the SEC is actively using enforcement as a hammer to drive deeper change. Enforcement cases in 2013 included a focus on boards that failed to properly steer the valuation process and on individuals who misled compliance, as well as the highly-publicized cases involving insider trading.
What does this mean for you in 2014?
1. The SEC will continue to focus on governance and on gatekeepers. This means you. Whatever your role-- as an adviser, on a board, or as a service provider-- you must have a grasp of key regulatory requirements. The SEC has announced an initiative to bring enforcement actions for inadvertent (or in technical terms “non-scienter”) violations. Do not let your firm be on that list. Take the time to learn what is required of you. Doing otherwise is like crossing the street with your eyes closed. Some may make it across, but do you want to be the one hit by a truck?
First and foremost, Happy New Year everyone!
2014 has officially begun, and as with every New Year, it is important to reflect on the previous year and set goals for the future. Many of the resolutions that we made last year are still prevalent this year because they are foundational for a hedge fund’s success. This year we are offering a few more critical recommendations to ensure that your company and IT operations run efficiently and effectively.