Insights
The cyber landscape never stops shifting – and neither should your perspective. Our Insights bring you expert commentary, thought leadership and practical guidance on the issues shaping the alternative investments sector. Stay ahead of regulators, satisfy investors, and strengthen your resilience with analysis from the team that knows your world best.
-
Lessons learned from EyeMed’s costly $4.5 million failed risk assessment
In October 2022, the New York State Department of Financial Services (NYDFS) ordered EyeMed Vision Care, a Cincinnati, Ohio-based vision benefits company, to pay a $4.5 million fine for failing to conduct a necessary risk assessment and violating NYDFS cyber rules. So, what was EyeMed’s mistake? The insurance firm fell short on implementing a multifactor authentication process…
-
How Hedge Funds Can Stay Ahead of Ransomware with the Right Incident Response Plans
There can be no hedging your bets when it comes to defending against ransomware. Funds don’t need to look far for high profile examples of devastating attacks, from Conti’s strike on Costa Rica in April to last year’s infamous Colonial Pipeline breach. And ransomware is on the rise, thanks to the growth of trends like ransomware-as-a-service. Verizon’s 2022…
-
Are Hackers Phishing in Your Waters? Top Tips to Protect Your Firm
When cybercriminals go phishing, it’s financial firms they want to land. According to research published last month by the Anti-Phishing Working Group, the financial sector (including banks) was the most frequently victimized by phishing in Q2 2022, accounting for 27.6% of all phishing attacks. And there’s a good reason why. As a highly lucrative industry predicted to grow…
-
Typo-Squatting: 5 Steps to Avoid Falling Victim
Today’s hackers constantly look for additional ways to capitalize on cyber security shortfalls and compromise sensitive data and information. Our clients report that social engineering attacks involving typo-squatting techniques are on the increase. Many businesses fail to realize how easily they can fall victim to this type of attack – but as real world instances…
-
How Government Regulations Can Aid Cybersecurity Defenses
Drawbridge CISO Simon Eyre authored this piece, originally featured in Security Boulevard. “In cybersecurity […] we all have a responsibility to ensure that our threat defenses are up-to-date, that our teams are educated and aware of common threats, and that we gather, store and use sensitive data appropriately. But we must also be conscious of…
-
Cyber Security Intelligence: Ransom – Prepare For The Worst
In this contributed article, Drawbridge CISO Simon Eyre highlights the continuing – and growing – threat of ransomware. He also offers four steps to combat ransomware, which are summarized below. Four steps to combat ransomware Preparation and testing (“It’s critical to be able to access [the incident response] plan at a moment’s notice, so make sure…
-
The SEC Gets Real with Investment Advisers and Funds About Their Cyber Hygiene
Acknowledging the severity of cyber risks, the SEC in early February proposed new cybersecurity risk management rules and amendments for registered investment advisers, registered investment companies, and funds. Thanks to law firms, management consultants, and other SEC watchers, in-depth analyses of the proposed changes are readily accessible online. These reports do a good job of walking readers through…
-
Securing Company Devices from Spyware
Malware has become a critical issue regarding cybersecurity throughout numerous industries. Those firms who work within an online space, securing company devices that handle the personal information and assets of clients, are particularly at risk. Malware can take many forms, but one of the most prevalent is that of spyware. Tips for Security Company Devices…
-
Real-Time, Continuous Cyber Threat Monitoring Enhances Cybersecurity
Cyber threat monitoring is consistently important within financial industries. Cyber breaches can come from anywhere, at every level of the business. When potential avenues for cyber threats are under watch, however, firms can report greater success in repelling network breaches. Even with the right cybersecurity procedure in place, it may not be enough when faced…
-
The Importance of Software Updates for Fighting Cyber Risk
Software updates can often go ignored, with users prompted to update during the workday, or perhaps leaving their machines on overnight. Depending on the program, update frequency has even been a cause of annoyance for those who are unaware of software updates’ importance. Both software updates and security patches of any kind will often provide…
-
Phishing Tactics Targeting the Financial Sector
Phishing is a form of social engineering that seeks to accomplish malicious online attacks. This can be anything from the theft of private information to the installation of malware on a home or private network. The financial sector has been hit harder than ever by cyber crime. Phishing is a common tool in the attacker’s arsenal. Read…
-
Cybersecurity Keys to Securing Microsoft Office 365
The rise in remote work has turned the already popular Microsoft Office 365 suite into an even more widely used digital platform. Many firms rely on Microsoft Office 365 for the effective management of employees. Among other advanced online capabilities, such as version control, document sharing, and collaboration. As employees shift more interactions online, however,…
