Insights
The cyber landscape never stops shifting – and neither should your perspective. Our Insights bring you expert commentary, thought leadership and practical guidance on the issues shaping the alternative investments sector. Stay ahead of regulators, satisfy investors, and strengthen your resilience with analysis from the team that knows your world best.
-
Top 10 Essential Data Security Tips for International Business Travel
Many of us bring work with us, even during summer travel with friends or family. Using personal or business devices to access work while on the go, particularly when traveling overseas, comes with unique data security challenges. Here are some essential tips to ensure your corporate and personal data remains secure during your travels: 1.…
-
Cyber Insurance Market Update
Cyber Insurance Market Trends After significant increases in premiums in 2021 and 2022, the cyber insurance market has now stabilized despite a steady acceleration in the frequency and sophistication of attacks. This has led to competitive renewal expense for companies that can demonstrate improved cyber maturity and a simultaneous increase in costs amongst firms with…
-
Schedule your Penetration Test this summer: Avoid the year-end rush and strengthen your security
Penetration Tests are a frequently requested service at Drawbridge. Many Alternative Investment Managers wait until year-end to schedule these critical assessments, only to find providers overwhelmed with requests. Here’s why scheduling your Penetration Test, also referred to as Pen Tests, during the summer is a smarter choice. Why schedule Pen Tests during the summer? …
-
Securing Private Equity investments: The 7 most common vulnerabilities that cyber attackers exploit
Protecting your PortCo’s requires a deep understanding of the many vulnerabilities in their environment. With bad actors targeting Portfolio Companies (PortCo’s), ensuring the long-term value of your portfolio requires an in-depth look at your PortCo’s cyber posture. Here are seven of the most common cyber vulnerabilities impacting PortCo’s today: Lack of multi-factor authentication…
-
The 3 not-so-obvious consequences of a data breach (& how to deal with them)
Many of us know the obvious consequences of a data breach, like regulatory fines and monetary loss. Yet, a data breach can have widespread impacts that go beyond the obvious in the Alternative Investment space. Here are 3 not-so-obvious dangers of a data breach to address: Attracting the attention of other cybercriminals After suffering a…
-
Preparing for the SEC’s updated S-P Regulation: Incident Response, Vendor Risk, and Recordkeeping
In May 2024, the SEC published final enhancements to the existing Safeguards and Disposal Rule to protect sensitive customer and investor information. The updates establish a federal minimum standard for data breach notifications by broadening disclosure and recordkeeping requirements. What you need to know – This isn’t a new rule, but an amendment to an…
-
Alternative Investment Managers located in NY: What you need to know about changes to NY DFS Cyber Regulations
As of November 1, 2023, Part 500 of the NYCRR has come into effect. Here’s what Alternative Investment Managers need to know about the new requirements of Part 500 and to whom they apply. What you should know — Knowing whether or not your business falls within the scope of NYCRR Part 500 is the…
-
How a cybersecurity breach disrupts your Portfolio Company’s exit performance
For Venture Capital and Private Equity, Q1 of 2024 were challenging times, considering the high interest rates and hesitant investors. A cyber breach on your PortCo’s shouldn’t become one of those challenges. Here’s the cybersecurity perspective on how to ensure a smooth exit. What you should know – To safeguard deals, Private Equity and Venture…
-
3 components of ethical hacking for Alternative Investment and Wealth Managers
The business value of the three components of ethical hacking boils down to this: Every Manager needs multiple cyber approaches to achieve operational and cyber resilience. Ensuring resilience helps firms to meet investor, board, and regulatory requirements, which is beneficial during fundraising and operational due diligence reviews. What you should know—Ethical hackers are experienced professionals…
-
Do Managers with a small staff still need a cyber program?
The answer is yes. Managers with fewer than 10 employees still need a strong cyber program. Cyber crime affects any size of business but the smallest Investment Managers face heightened threats from social engineering and poor credential management. What you should know – Small companies and firms suffer from a disproportionate number of attacks…
-
Cyber vs IT vs Compliance
Cybersecurity, IT providers (such as a managed service provider), and compliance vendors don’t perform the same functions. But you need to engage all three independently to meet investor and regulator expectations. What should you know – Regulators and investors are establishing the standard of an independent audit in cybersecurity risk. Cybersecurity in the Alternative Investment…
-
Hedge Fund launch roadmap: Where does cybersecurity fit in?
Launching a Hedge Fund is complex in the best of times but don’t let establishing a robust cybersecurity program add to that complexity. What you should know – A strong cybersecurity posture is expected at the earliest stages of launching a new Hedge Fund, by both investors and regulators alike. A well-designed cyber program can: …
