Vendor Due Diligence

Zero-day Exploit Affecting Java Applications

December 13, 2021

UPDATE As the collective understanding and impact of the Log4Shell Vulnerability continues to build, Drawbridge is releasing updated information. Please read carefully to understand the impact this vulnerability may have on your systems, and recommended mitigating actions. The first reports of attacks are appearing, with researchers confirming vulnerable systems on the Internet having crypto-mining malware…

Read More

Market Spotlight: Hedge Funds and Identifying Vulnerabilities with Drawbridge

August 31, 2021

Among the industries that require cybersecurity, hedge funds are some of the most susceptible to potential breaches. From ransomware to privacy attacks, it is important that a hedge fund has a plan in place to both respond to potential breaches, as well as to defend from them in the first place. The threat landscape targeting…

Read More

Market Spotlight: Secure Your Third-Party Relationships with Drawbridge

August 27, 2021

In modern times, further scrutiny has been placed on third party groups with regards to a firm’s cybersecurity. As more possible breaches are discovered through a lack of third-party vendor due diligence, it has become a point to properly equip firms with the tools needed to fend off and eliminate these potential threats. Vendors attached…

Read More
Cybersecurity Program Management

Service Spotlight: Cybersecurity Program Management from Drawbridge

July 13, 2021

Cyber attacks and other digital risks continuously threaten every aspect of the security of your business, including business continuity, operational resilience, revenue, brand and reputation, and customer relationships. In order to protect the interests of your clients, partners, investors and vendors, your firm must have a comprehensive cyber program in place, no matter what type…

Read More

Market Spotlight: Protect your Private Equity Firm from Cyber Threats with Drawbridge

June 30, 2021

An industry as complex as private equity requires solutions that are specifically built for the unique needs of this industry. Leaders of private equity firms must be able to understand the cyber risks that pose a threat specifically to the private equity industry. At Drawbridge, we are equipped with the tools and expertise to help…

Read More
Drawbridge Vendor Due Diligence

Service Spotlight: Protect Your Firm With Drawbridge Vendor Due Diligence

June 22, 2021

Third-party relationships have become a growing threat. Still, many organizations lack a sufficient vendor due diligence program to manage and monitor their vendors’ cybersecurity programs At Drawbridge, we work to ensure that your third-party vendor cybersecurity practices are being done carefully with your protection in mind, and meet the industry requirements to identify data risks…

Read More

SEC Division of Examinations Announces 2021 Examination Priorities

March 16, 2021

This month, the Securities and Exchange Commission’s Division of Examinations announced its 2021 examination priorities. The examination priorities are published each year, offering insights into those areas that the Division believes could present risks to investors and the U.S. capital markets. The Division will focus on climate-related risks, as well as conflicts of interest for…

Read More

Drawbridge Announces Growth Equity Investment from Long Ridge Equity Partners

March 9, 2021

Minority investment follows a continued period of significant revenue growth and global expansion. Drawbridge, a premier provider of cybersecurity software and solutions to the alternative investment industry, today announced it has closed a minority investment from Long Ridge Equity Partners. Drawbridge will use the funds to accelerate product innovation, expand sales and marketing activities across…

Read More

The Importance of Vendor Due Diligence

July 23, 2020

On July 21st, 2020, The University of York published an article describing a recent data security incident involving one of its third-party service providers. They describe the attack as the loss of personal information from Community members, Staff, Alumni, Students and Others involved with the University. They also state that a number of other US…

Read More


January 27, 2020

SEC OCIE Publishes Observations on Cybersecurity and Resiliency Practices On Monday, January 27th, 2020, the U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued examination observations related to cybersecurity and operational resiliency practices. The observations focus on the following areas: Governance and Risk Management Access Rights and Controls Data Loss Prevention…

Read More