Insights
The cyber landscape never stops shifting – and neither should your perspective. Our Insights bring you expert commentary, thought leadership and practical guidance on the issues shaping the alternative investments sector. Stay ahead of regulators, satisfy investors, and strengthen your resilience with analysis from the team that knows your world best.
-
Drawbridge Receives SOC 2 Type II Attestation
We are proud to share we have completed our SOC 2 Type II audit. This attestation provides evidence that Drawbridge continues to focus on our strong commitment to security, but also to delivering first class services to our clients by demonstrating we have the necessary internal controls and processes in place to support our clients…
-
Linedata Breach – August 11th, 2025
Linedata’s Icon was targeted in a cyber attack on 11th August, 2025. The attack has resulted in reported outages of Icon while the investigation and recovery process are in progress. Their official statement is available here. The attack highlights that firms should always remain vigilant to an often-quoted phrase, “It’s a matter of when you’ll…
-
Nearly Half of Portfolio Companies Skip Critical Cyber Testing. What Does That Mean for Your Portfolio?
In an evaluation of 1,000 cyber risk assessments, 48% of firms performed external penetration testing less than once a year, if at all. That’s a staggering gap, especially in an industry where timing and risk precision are everything. For private equity firms, this is more than a cybersecurity concern. It’s a portfolio-level business risk. One…
-
AI is moving fast—are your policies keeping up?
Are you treating AI like a helpful assistant—or a ticking time bomb? AI is making our lives easier, no question. However, when introduced into the workplace without clear oversight, it can pose serious risks to your business—from regulatory exposure to cybersecurity threats. AI Risk Management Starts with Clear Policies and Communication Drawbridge’s Simon Eyre and…
-
DORA Preparation Check List
The Digital Operational Resilience Act (DORA) has officially been in effect since 17 January 2025, following a two-year lead-up period—but many organizations are still playing catch-up. Although DORA is an EU regulation targeting the financial sector, including alts, its reach extends beyond Europe. U.S.-based companies that provide services to EU financial institutions, including subsidiaries, are…
-
One Strategy That Could Cut Your Cyber Insurance Costs by 15–20%
We’re entering uncharted waters in the cyberspace, and hackers are ready to rock the boat. Alternative investment markets are overcrowded with providers, each offering a unique kind of expertise and service, and each just as important as the next. With so many different providers to choose from, it’s becoming increasingly difficult to pinpoint risks. The…
-
Shifting Cyber Readiness into the Front Office
Cybersecurity has transformed from a once-a-year process to an ongoing effort. Managing risk has become increasingly digital and complex within alternative investment environments. Nowadays, it’s not just regulators you need to impress but your investors as well. In our latest webinar, Drawbridge’s Simon Eyre (CISO) and Louis Cordone (Head of Client Success) sat down together…
-
The Cyber Security Ecosystem: Trust but Verify
In cybersecurity, independence doesn’t mean going it alone—it means making informed decisions while leveraging a strong network of trusted providers. Alternative investment firms depend on Managed Service Providers (MSPs), cyber risk advisors, and compliance experts to enhance their security, but they must also maintain autonomy in assessing risks, implementing best practices, and verifying protections. This…
-
Remaining Resilient Against the Threat of Cyber Attacks
The increased regulatory demand for operational resilience is reforming how the alternative investment space manages cybersecurity. Cyber risks are a top concern for fund managers, investors, and regulators due to the immense potential for financial, operational, and reputational impacts that cyber incidents pose. High-profile cyber events like Microsoft’s CrowdStrike outage reiterate the need for firms…
-
Executive Snapshot: Give LPs Real-Time Insight Into Your Cyber Posture
Can you easily demonstrate and explain your compliance needs to executives? If not, you need to make such capabilities a priority, particularly when it comes to cybersecurity. According to the 2024 Investment Management Compliance Testing Survey of 595 industry participants, more than 57% of investment adviser firms reported an increase in the scope and frequency…
-
The Interplay of AI, Vendor Risk, and Human Error in Cybersecurity
An effective cyber program must have the ability to continuously evaluate your critically important vendors and train your team members on the most up-to-date cybersecurity standards. Drawbridge’s CEO William Haney was recently joined by our CISO Simon Eyre and Spencer Wilson, SS&C Technologies’ Director of Strategy and Operations for a webinar all about the increasing…
-
Takeaways from the SEC’s Compliance Seminar: What to Know for 2025
In November, the SEC held one of its regular compliance outreach seminars for investment companies and investment advisers. In attendance was Drawbridge’s own Simon Eyre, along with SEC Compliance Solutions’ CEO Elizabeth Cope. Seminar discussions centered on the SEC examination priorities published at the end of October, showing a clear emphasis on strengthening existing rules.…
