Skip to content
DWB_Master_Logo_2022-08-05_WithTrademark_Dual_Dark_Web
  • Platform
  • Professional Services
  • Markets
  • News & Views
  • About
    • Company Overview
    • Leadership
    • Partners
    • Careers and Culture
    • Awards
  • Contact
  • Platform Login
  • Platform
  • Professional Services
  • Markets
  • News & Views
  • About
    • Company Overview
    • Leadership
    • Partners
    • Careers and Culture
    • Awards
  • Contact
  • Platform Login
Request a Demo

Request a Demo

    Back to All News
    November 7, 2022-Hedge Fund, Policies & programs, Program Management, Training-Drawbridge

    How Hedge Funds Can Stay Ahead of Ransomware with the Right Incident Response Plans

    There can be no hedging your bets when it comes to defending against ransomware.

    Funds don’t need to look far for high profile examples of devastating attacks, from Conti’s strike on Costa Rica in April to last year’s infamous Colonial Pipeline breach.

    And ransomware is on the rise, thanks to the growth of trends like ransomware-as-a-service. Verizon’s 2022 Data Breach report found a 13% year on year increase of ransomware attack: a jump greater than the past 5 years combined.

    Hedge fund cybersecurity has never been more important – no one wants to be another headline or a cautionary tale in a security blog. And the cost of an attack is never just the ransom demand. The disruption to services, legal costs and reputational damage are all huge losses victims must bear.

    Outpace the criminal element

    Financial firms like hedge funds and private equity funds are prime targets for ransomware. After all, criminals know to go where the money is. But just because you have a bull’s eye on your back doesn’t stop you from blocking arrows. 

    Consider these fundamental steps to keep your hedge fund ahead of malicious actors:

     – Prepare for an imminent ransomware attack like it could happen tomorrow- and that includes creating an incident response plan. Yes, it’s superstitious to think that writing up a plan will somehow invite an attack. But yes –  having that plan could be the deciding factor in your fund’s survival.

    –        Your cast-iron response plan should provide a structured approach to an attack, checklists for certain stages, and even template emails to help manage communications in the event of a breach. Make sure you save the plan in a way that lets you access it even if your systems are under fire. It’s well worth turning to experts for support here to ensure there are no weak links in your strategy.

    On the topic of weak links, it’s crucial firms identify theirs and strengthen them. Vulnerability remediation is the key to staying ahead of ransomware, particularly in the age of remote working where new, roaming devices now require access to your network. Your firm needs to consistently test for weaknesses and invest in sophisticated endpoint protection as part of your overall vulnerability management program.

    Also be sure to invest in company-wide education (right up to your C-Suite) and check the services and cover offered by your business insurance provider in the event of an attack.

    You’ve been hit – now what?

    Let’s say the worst happens and, for all your careful planning, you’ve been hit by an attack. Now what?

    The big question on your mind will be whether to pay the ransom – but experts and government agencies like CISA advise you should not. There’s nothing to force a criminal to honor the ransom and there’s a high risk of follow up demands.

    So what should victims do? Working with authorities will be central to your response – but you should immediately start taking action on your own.

    Ultimately, this will involve following your incident response plan, but don’t’ forget other important steps. Quickly determine which systems are affected and immediately isolate them, and begin restoration and recovery of those systems in order of priority, consulting with your security team to gain an initial understanding of the attack and inform team members and relevant stakeholders. More details and government advice can be found on the CISA website.

    Is your fund prepared to face a ransomware attack? Our team of experts is here to shore up your security and provide you with the highest possible protection. Get our support with security policies and incident response plans, identifying hidden vulnerabilities and delivering comprehensive and memorable training. Contact us to find out more.

    Tags:

    Hedge Fund, Policies & programs, Program Management, Training
    DWB_Master_Logo_2022-08-05_WithTrademark_White_Dual_Dark_Web

    Platform

    • Holistic Program Management

    • Vulnerability Management

    • Vendor Due Diligence

    • Portfolio Company Due Diligence

    • Cyber Risk Assessment

    • Regulatory Assessment

    • Cloud Security Assessment

    • Dark Web Monitoring

    • Penetration Testing

    Professional Services

    • Let’s Get Started

    • Cybersecurity Training

    • Cybersecurity Advisory

    • Policy Creation & Gap Analysis Advisory

    • Data Privacy

    • Business Continuity

    Markets

    • Private Equity, Venture Capital & Portfolio Companies

    • Hedge Funds

    • Family Offices & Asset Managers

    • Asset Allocators and Owners

    News & Views

    • Alerts

    • Awards

    • Media

    • Press Releases

    • Thought Leadership

    About

    • Company Overview

    • Leadership

    • Partners

    • Awards

    • Careers and Culture

    • Contact

    © 2023 Drawbridge. All Rights Reserved.

    Privacy Policy   |   Diversity Statement   |   Platform Login

    Cleantalk Pixel
    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
    CookieDurationDescription
    cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
    cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
    cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
    cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
    cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
    viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
    Functional
    Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
    Performance
    Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
    Analytics
    Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
    Advertisement
    Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
    Others
    Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
    SAVE & ACCEPT
    Scroll To Top