Vulnerability management
-
Linedata Breach – August 11th, 2025
Linedata’s Icon was targeted in a cyber attack on 11th August, 2025. The attack has resulted in reported outages of Icon while the investigation and recovery process are in progress. Their official statement is available here. The attack highlights that firms should always remain vigilant to an often-quoted phrase, “It’s a matter of when you’ll…
-
Impersonation Scams on Messaging Apps
A noticeable uptick in impersonation scams has raised concerns among organizations that regularly interact with clients and potential investors. Armed with basic reconnaissance and alternative communication platforms like WhatsApp and Telegram, malicious actors pose as legitimate company representatives, duping unsuspecting targets into disclosing sensitive information or investing money under false pretenses. Below is a concise…
-
What is Salt Typhoon?
An advanced persistent threat (APT) group identified by Microsoft as “Salt Typhoon” has been credited with recent attacks against global communications networks, including internet service providers and telephone companies. U.S. officials claim the group has likely links to the Chinese Ministry of State Security, China’s principal civilian intelligence service responsible for foreign intelligence, counterintelligence, and…
-
The Interplay of AI, Vendor Risk, and Human Error in Cybersecurity
An effective cyber program must have the ability to continuously evaluate your critically important vendors and train your team members on the most up-to-date cybersecurity standards. Drawbridge’s CEO William Haney was recently joined by our CISO Simon Eyre and Spencer Wilson, SS&C Technologies’ Director of Strategy and Operations for a webinar all about the increasing…
-
[Webinar recording] Investment Firms and AI: Navigating New Challenges in Due Diligence, Risk Management & Cybersecurity
In this webinar recording, experts from Dataprise & Drawbridge explored the critical adjustments investment firms must make in light of AI and Large Language Models’ (LLMs) evolving risks. With a focus on actionable advice, this webinar recording: Dives into the rapidly evolving impact AI and LLMs is having on vendor risk management, and cybersecurity, Outlines…
-
SEC Cyber Rule – Get Ready Webinar Series
Join Drawbridge as we host a series of webinars on proposed Cyber Requirements for Rule 206(4)-9, Rule 38a-2, and Amendments of 204-2. Through the course of five webinars, Drawbridge will discuss what firms can accomplish now despite the extended comment period until May 22, 2023. These webinars will be hosted each Wednesday at 12pm EDT…
-
Webinar replay: SEC Cyber Rule – Get ready webinar series
Drawbridge is hosting a series of webinars on proposed Cyber Requirements for Rule 206(4)-9, Rule 38a-2, and Amendments of 204-2. Through the course of five webinars, Drawbridge will discuss what firms can accomplish now. If you missed the live event ‘Risk Assessment (Internal, Cloud, & Critical Vendors)’ , you can still catch the on-demand version…
-
Finextra: Why underwriters are struggling to price cyber risk insurance policies
Cyber is the most important global business risk for 2023 but underwriters are struggling to price cyber risk policies because they don’t have the tools to accurately determine their clients’ risk posture. In this article for Finextra, Drawbridge Founder and President Jason Elmer highlights why cybersecurity measures are essential and cyber insurance coverage, as an…
-
Webinar Recap: SEC and Cybersecurity in 2023 – The Steps Your Firm Must Take Today
In 2022 the SEC made cybersecurity an examination priority and proposed new comprehensive cybersecurity rules for alternative investment advisors and funds. With this increased attention, cybersecurity is no longer only a matter of protecting a firm’s reputation; it’s a critical component of compliance that can significantly impact your business operations. As we await new SEC…
-
IBS Intelligence: Increasing demands on cybersecurity as finance evolves
Increasingly, conversations stray from traditional finance to include the Metaverse and open finance. While full implementation of these models is likely far off, early adopters already have begun using these systems. The recent rise in FinTech’s as a result, has posed a challenge for regulators and as these services continue to expand – cybersecurity must…
-
Webinar Recap: How the SEC’s New Proposed Cybersecurity Rules Could Change Your Firm’s Security Requirements
The U.S. Securities and Exchange Commission (SEC) has proposed cybersecurity rules that represent a revolutionary approach to cybersecurity and will affect all firms in the alternative investment industry – including yours. Regulatory pressure is rising – and firms must prepare now to ensure they can meet and exceed current and future expectations. But what will the SEC’s…
-
August 19, 2022: Drawbridge Releases Latest Version of Cybersecurity Program Management Platform
Release continues focus on quality-of-life and functional enhancements. Drawbridge is pleased to announce another update to the Drawbridge cybersecurity program management platform . We completed QA earlier this week and promoted the latest version of the platform to production overnight. Following is a recap of enhancements released this week. Continued Focus on Vulnerability Management Drawbridge continues to…
