Eze Castle Integration Eze Castle Integration

Hedge IT Blog

Hedge Funds and Private Equity Firms: What's Your Security Attitude?

By Kaleigh Alessandro,
Tuesday, May 2nd, 2017

If there’s one thing we’ve learned over the years when it comes to cyber security, it’s that there’s a whole lot more to creating a secure investment firm than robust technology. Before identifying infrastructure components and implementing operational policies, a firm must first be clear on what its attitude is toward security. This attitude will filter through the company from the top down, and will therefore dictate how employees and the business as a whole operate on a daily basis.
 
To give you a clearer understanding of what we mean, we’ve created three security profiles that cover a wide spectrum in terms of security attitudes and practices. 

Under the Radar: Low Security

If your attitude toward security is low, odds are you’re barely scraping the surface in terms of what practices and policies you should be employing to maintain proper security firm-wide. You likely rely on quick fixes to solve problems instead of looking at the bigger picture and thinking strategically about how cybersecurity risk management can both benefit and protect your business. You’ve employed minimal preparedness efforts and could be in for a difficult task if faced with a serious security incident. You probably take an “it won’t happen to me” attitude and don’t take security seriously enough – a stance that could endanger your firm in the long term. 

Play it Safe: Moderate Security

In a typical moderate fashion, if this is your security attitude you probably fall somewhere in the middle. You’re employing practices and protocols just enough to get by and feel secure – but there’s still plenty more you could do. In many cases, you rely solely on the IT department or managed service provider to handle security and don’t involve other areas of the business. You send a once-off communication to employees to change their passwords – but don’t follow up on it or enforce it on a regular basis. You may be protected against moderate security threats but could suffer if a serious breach occurs.

Lock it Down: High Security

If your attitude toward security is at the highest level, congratulations! While one could argue there is always more than can be done in regards to security, you're at the front of the pack and taking it seriously (as you should). You employ best practices across the firm and document policies and procedures to outline technology and operational priorities and safeguards. More so, you take the time to educate and train your employees on security awareness on a regular basis. You take a proactive stance against security, ensuring it becomes a company-wide effort and engaging all users in preventing and responding to security incidents. Your demonstrated awareness of the importance of security will serve you well in the event a breach or incident occurs.
 
Have you figured out where you stack up? The chart below further identifies characteristics and trademarks of these security profiles.

What's your Attitude Toward Security?

For more guidance on security best practices for hedge funds and private equity, check out these resources:

Investment Firm Cyber Security Layers

Editor's Note: This article has been updated and was originally published in August 2014. 

Categorized under: Security  Operational Due Diligence  Outsourcing  Private Equity  Hedge Fund Operations  Infrastructure  Trends We're Seeing 



Recent Posts / All Posts