Cybersecurity has transformed from a once-a-year process to an ongoing effort.
Managing risk has become increasingly digital and complex within alternative investment environments. Nowadays, it’s not just regulators you need to impress but your investors as well.
In our latest webinar, Drawbridge’s Simon Eyre (CISO) and Louis Cordone (Head of Client Success) sat down together to discuss this topic. We’re sharing some of the top insights from this webinar on how fund managers can demonstrate risk reduction as a key confidence builder for investors.
LPs care more about cyber than ever, but why?
How we view cybersecurity has changed significantly, especially in the LP world.
LPs have always cared about cybersecurity from a technology and compliance standpoint. What’s shifted in recent years is a change in perspective that now views cyber as a vital communication tool as well. Attention has migrated away from the nuts and bolts of cybersecurity and toward the potential impact on returns, amounting to crucial details that can either win investors over or turn them away.
While cybersecurity was once a disparate set of security measures that happened behind the scenes, now it has become a larger and more dynamic open dialog about what’s best for all involved.
The best defense is a good offense
For cyber to continue as an open conversation, particularly in the alternative investment space, you need to have transparency and qualitative data to communicate the effectiveness of a cyber program.
A successful cyber attack can minimize investor returns. Yet, on the flip side, a cyber incident that is quickly mitigated and results in minimal return impact can ultimately have a positive effect. How? By demonstrating to LPs, VCs, PE firms, or allocators that in the event of an attack, you have a clear and effective response plan ready.
As Louis puts it, “the best defense is a good offense.” Showcasing that you are prepared to prevent and respond to incidents illustrates your fundamental level of cyber hygiene.
Exceeding investor expectations as a fund manager
Cybersecurity can be an extensive undertaking when viewed in the context of not just the fund or the portfolio but more broadly as an ecosystem. In any direction you look, you can find cyber risks.
Louis highlights three key components of this process:
- Mandate cybersecurity standards across your entire portfolio, including all portfolio companies, using collective and holistic data for benchmarking.
- Take ownership of your cyber program by not only identifying risks but also demonstrating the improvements you’ve implemented through appointing and hiring senior experts.
- Quantify data gathered through your mandates at both the individual level and across your portfolio. Doing so can help you to bring riskier portfolio companies into a safer space.
The critical importance of benchmarking
In the alternative investment sector, you need the ability to make apples-to-apples comparisons. Benchmarking matters because if you can only measure your cyber program against yourself, you’re left with no concept of how your program and best practices measure up to your peers and competitors.
The key is to take a wide lens and consider how cyber can affect both future and existing investments, as this can reveal new investment opportunities.
At Drawbridge, our solutions can score your cyber program and benchmark your fund’s reputation and credibility to investors and allocators.
How do you demonstrate cyber maturity to your LPs, PE firm, or allocator?
