In its 2015 priorities, the SEC’s Office of Compliance Inspections and Examinations (OCIE) listed cybersecurity as a key focus area in its risk-based assessments. Then on February 3, 2015, OCIE released summary findings from its Cybersecurity Examination Sweep.
OCIE’s sweep focused on written documentation for their assessment and conducted "limited testing" of the accuracy of the responses. They did not review the technical sufficiency of the firms’ programs either. OCIE’s reliance on documentation highlights the importance of complete Written Information Security Policies.
Following are noteworthy items Eze Castle Integration observed in reviewing the findings.
Most firms adopted written information security policies, but 43% of advisers did not conduct periodic audits to determine compliance with these information security policies and procedures.
49% of advisers did not discuss mitigating the effects of a cybersecurity incident and/or outline the plan to recover from such an incident in their written business continuity plans.
The vast majority of examined firms conduct periodic risk assessments, on a firm-wide basis, to identify cybersecurity threats, vulnerabilities, and potential business consequences. However, only 32% of advisers require cybersecurity risk assessments of vendors with access to their firms’ networks.
In the Written Information Security Plans (WISP) Eze Castle Integration creates for clients, we include service provider risk assessments as a standard element.
Today we released a new whitepaper that looks at a growing trend we are seeing -- billion dollar hedge funds and investment firms moving to the cloud. Here is a sneak peak at the paper's content as well as a video interview with Bob Guilbert on why firms should read, Why the Billion Dollar Club is Headed to the Cloud.
It’s More Than Managing Money
There’s more competition in financial services than ever before. Every week, new and agile boutique firms sprout up, armed with proprietary models and the right technology foundation to compete – intensely – with the major players for billions of investment dollars. Firms of every size are competing to deliver broader ranges of increasingly exotic instruments, specialized funds, and high-performance investments that deliver competitive returns to investors whose demands and expectations continue to climb.
But when it comes to performance and success in financial services, there’s more to evaluate than just the hard numbers. Returns alone aren’t enough. Today, savvy firms know they need to deliver more. In a post-Madoff, post-2008 world, the SEC and FINRA – and investors as well – are scrutinizing all corners of the operation. There’s an increased focus on how operational risk is managed and how firms respond to greater demands for transparency. That means it’s more important than ever for firms to deploy and maintain robust, scalable, and secure technology infrastructures.
Moving to the cloud is one of our favorite topics here on Hedge IT, and there is a compelling argument for hedge funds and alternative investment firms to consider leveraging the cloud for some or all of their infrastructure. INDOS Financial, an independent Alternative Investment Fund Managers Directive (AIFMD) depository based in London is one firm that chose to utilize the private cloud for their growing firm, and we’re excited to share their experience with you.
Watch the video below for an interview with Bill Prew, CEO and founder of INDOS Financial, as he talks about selecting the right technology infrastructure for his firm’s increasing demands.
They say a picture is worth a thousand words so here is an infographic of our 2013 Global Hedge Fund Technology Benchmark Study that explores the most common front, middle and back office applications and technology used at today's hedge funds.
Data center facilities are at the heart of any cloud offering and, as such, are getting more scrutiny as hedge funds evaluate who the right cloud provider is for them.
Earlier this year we created a pretty infograpic that mapped what firms should look for in a colocation facility. Remember this?
Since not everyone loves infograpics, we decided to spell out what we look for in a colocation facility. Our due diligence is extensive, but here are some of the high points.
Ownership, Operation & Support: Eze Castle Integration seeks a colocation facility that is owned and operated by a reputable organization with vast industry knowledge and experience. Additionally, the personnel and client support must be of the highest quality in order to ensure that all Eze Castle colocation clients receive the best service and support possible.
Are you like one of the millions of people pondering the answer to ‘what is hypervisor-based replication and how will it change my disaster recovery approach’? I know I was.
So, let me help you with that!
Our technology experts here at Eze Castle Integration spent some time in the lab testing and evaluating hypervisor-based replication and recently incorporated it into our Eze Disaster Recovery 2.0 offering. We think it delivers excellent benefits, but let’s start with the basics.
What is hypervisor-based replication?
TechTarget defines hypervisor-based replication as “a technology that automatically creates and maintains replicas of virtual hard disks or entire virtual machines (depending on the platform that is being used).” Analyst firm IDC goes on to say that this replication approach “protects virtual machines (VMs) at the virtual machine disk format file level rather than at the LUN or storage volume level, thus replication can be done without the management and TCO challenges associated with array-based replication.”
Like David bravely dueling with the larger Goliath, small and mid-sized investment firms are often faced with insurmountable odds when competing against larger (and better endowed) funds. With more experience and more assets, larger firms have the advantage when it comes to soliciting investor allocations. But do these inherent shortcomings equal certain failure? If David can emerge victorious, can’t smaller hedge funds?
Earlier this week, we gathered a panel of experts in San Francisco to discuss this topic at length. Following is a brief synopsis of the topics they covered.
Cloud computing is becoming a standard IT deployment method for the investment management industry. In fact, our 2012 survey found that 8 in 10 investment management firms are either currently or planning to use a cloud service. So once a hedge fund or alternative decides to go cloud the next question is "why go Eze Private Cloud?"
Well, we have the perfect answer to that, and you can have it in just 60-seconds. Watch our quick video and learn why Eze Private Cloud is the investment industry standard for cloud services.
On 19th March, the Eze Castle Integration team in London hosted their first-ever Hedge Fund Cloud Summit at the Prince Philip House.
Eze Castle Integration along with leading experts in the financial services industry - INDOS Financial Limited, Morgan Stanley Prime Brokerage, Bloomberg, Credit Suisse Prime Services, Lucidus Capital Partners LLP, Portman Square, LLP, eSentire, Global Relay, and Simmons & Simmons - came together to provide a half day educational seminar featuring a wealth of information on the cloud to over 100 hedge fund and alternative investments firms.
Yesterday our VP of client technology, Steve Schoener, presented on a California Hedge Fund Association webinar about building an institutional infrastructure at today’s hedge funds. A lofty topic (so consider this a basic primer), Steve focused on four key discussion areas, which we’ll recap here. They were:
Investor Expectations of IT
On-premise & Cloud solutions: Which is right?
Security Risks & Best Practices
Disaster Recovery How-Tos