Having in place a ‘cybersecurity response plan’ is vital if hedge fund managers in London are to deal effectively with this threat.
Having in place a ‘cybersecurity response plan’ is vital if hedge fund managers in London are to deal effectively with this growing threat.
This is one of the key findings of the Hedge Fund Standards Board’s (HFSB) first ever tabletop cyberattack simulation.
It was also observed that with certain types of attacks, the ‘internal response capabilities’ of managers is lacking in the expertise needed to respond appropriately.
‘Confusion over responsibilities’ was another key finding, emanating from the fact that cybersecurity is seen as being principally an IT issue.
“This event has been an eye-opener regarding the complexity when dealing with the fallout from a cyberattack.”
“This event has been an eye-opener regarding the complexity when dealing with the fallout from a cyberattack,” an anonymous hedge funder manager who participated in the simulation was quoted as saying.
“[It was also] very timely in light of the heightened regulatory focus, including the SEC’s intention to test firms’ implementation of cybersecurity procedures and controls. We will revisit our own approach based on the lessons learned.”
Hedge fund managers participating in the event were tested on their ability to respond to ‘three realistic’ cyberattacks’ that might be directed against them.
These included data theft and leakage of internal sensitive data, financial infrastructure attacks and crypto ransomware.
This event comes on the back of HFSB’s expansion of its toolbox in September of last year.
The toolbox, which offers supplementary advice and support to hedge fund managers, now contains a Cybersecurity Memo.
“Cybersecurity has emerged as a critical area of focus for the entire financial services sector,” Dame Amelia Fawcett, chairman of the HFSB, said at the time.
“In its continual process of providing practical help to all of its key stakeholders, the HFSB has developed timely and practical guidance to help firms manage this complex and important area of risk.”