Insights

European Cybersecurity Month: Be Aware of Cyber Scams

October 19, 2020

It is officially the European Cybersecurity Month (ECSM) – the EU’s annual campaign dedicated to promoting cybersecurity among citizens and organizations through awareness-raising and sharing of good practices. The motto of this year’s campaign is ‘Think Before U Click’, and a key theme explored by ECSM 2020 are cyber scams and the dangers they pose…

Read More

Cisco Alert – Four High-Severity Flaws Found

August 7, 2020

Cisco is urging customers to update small business switches, its DNA Center software, routers with its StarOS software, and its AnyConnect Secure Mobility VPN client for Windows. CVE-2020-3363: Cisco has disclosed a bug in the IPv6 packet processing engine of several Cisco Small Business Smart and Managed Switches that could allow a remote attacker without…

Read More

The Importance of Vendor Due Diligence

July 23, 2020

On July 21st, 2020, The University of York published an article describing a recent data security incident involving one of its third-party service providers. They describe the attack as the loss of personal information from Community members, Staff, Alumni, Students and Others involved with the University. They also state that a number of other US…

Read More

Critical Microsoft Alert and Patching Update

July 15, 2020

As part of the July “Patch Tuesday”, Microsoft released a total of 123 CVEs (or “Common Vulnerabilities or Exposures”). That comes on the back of a record-breaking number of June CVEs totaling 129. The year-on-year volume of CVEs from Microsoft is increasing rapidly, with 2020 totaling 657 so far. We are not far from eclipsing…

Read More

Cybersecurity: Ransomware Alert

July 12, 2020

On July 10, 2020, The SEC’s Office of Compliance Inspections and Examinations (OCIE) released an alert on the growth of the ransomware threat for financial services market participants and its commitment to providing advisory to assist these firms in taking proactive measures to protect their businesses. Phishing attacks and other social engineering campaigns are being…

Read More

Availability – The Forgotten Stepchild of Cybersecurity

June 22, 2020

On an early Monday in the lock-down process for the UK, many companies settled their staff into the comfort of their homes and logged into Corporate services to test their networks. Some of those using collaboration tools from Office365 were greeted with the message “We’re investigating problems in Microsoft Teams…”. A truly unfortunate start to…

Read More

Returning to the Office as Pandemic Restrictions Ease

June 1, 2020

With many of the COVID-19-related restrictions easing up around the country, returning to the office will come with its own set of security-related challenges. In addition to using DrawbridgeConnect, the items below should be considered as you plan to return the firm to business as usual: Machines that have been off for a prolonged period…

Read More

“All in this together”: How hedge funds are tackling cybersecurity challenges in the COVID-19 lockdown

April 20, 2020

Originally Published in HedgeWeek. With the closure of non-essential workplaces during the COVID-19 pandemic shaking up the way financial services companies do business, the remote working environment is raising an assortment of operational challenges for hedge fund firms, spanning communication technology, data and information security, and infrastructure vulnerability.  When the UK lockdown was announced last…

Read More

Please Surf Responsibly: Drawbridge’s Best Practices for Building a Safer Internet

February 11, 2020

Safer Internet Day – February 11, 2020 The key to teaching your children and teens about Internet Safety is: Start NOW Safer Internet Day, a worldwide event observed on February 11th, aims to promote the safe and positive use of digital technology for all users – especially children and teens. Drawbridge’s mission is to keep…

Read More

Drawbridge’s Keys to Privacy

January 28, 2020

Checklist for Alternative Investment Managers Data Privacy Day, celebrated on January 28, brings awareness to the private sector around the safety of personal data and best practices for protecting one’s own data. For Alternative Investment Managers, concerns around data safety and protection of their firm’s data cannot be highlighted just one day a year –…

Read More

CYBERSECURITY NEWS: SEC Observations

January 27, 2020

SEC OCIE Publishes Observations on Cybersecurity and Resiliency Practices On Monday, January 27th, 2020, the U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued examination observations related to cybersecurity and operational resiliency practices. The observations focus on the following areas: Governance and Risk Management Access Rights and Controls Data Loss Prevention…

Read More

Cybersecurity News: SEC & CFTC Update

January 8, 2020

Cybersecurity News Alert 2020 SEC EXAMINATION PRIORITIES On Tuesday, January 7th, 2020, the U.S. Securities and Exchange Commission (SEC) released the examination priorities for 2020. The SEC has shifted their examination priorities from years past in an effort to adapt to emerging risks, but cybersecurity continues to remain a top priority for the SEC. The…

Read More