As you’re probably aware, the topic of cybersecurity has been splashed prominently across headlines lately. Earlier today, the US director of national intelligence, James Clapper, identified cybersecurity as the top global threat – even more treacherous than terrorism.
In his testimony before the Senate Intelligence Committee, Clapper cited several attacks on banking websites where sensitive customer data was compromised, as well as a security breach at an oil company that resulted in the destruction of 30,000 computers. If hackers are capable of such large-scale, damaging attacks, could investment management firms be at risk? What should you be doing to better protect your firm’s critical systems and data?
The truth is both large, well-established hedge funds and smaller startups are equally at risk of intrusion. Hackers may target large firms because they see an opportunity to profit from their substantial asset pools. Additionally, they might be after the notoriety associated with successfully hacking a well-known fund’s critical systems, especially in cases that will likely garner media attention. For smaller funds, hackers are likely after intellectual property, namely business plans, market forecasts and investment strategies.
What new threats are out there and how can firms better protect themselves from a cybersecurity breach?
Hackers are always seeking new ways to gain access to protected systems and accomplish their goals. Antivirus and anti-malware developers are likewise on the hunt for ways to protect these systems and data from new intrusion methods. To increase protection, investment firms should employ a “defense in depth” strategy. This includes maintaining up-to-date antivirus and anti-malware software as well as network firewalls, a deep inspection proxy and IDS/IPS to reduce the amount of traffic on the network. (Check out: Malware Definitions & Security Tips.)
Unfortunately, even a network that’s equipped with the most recent OS and fully upgraded applications, with robust anti-malware tools in place, can still be vulnerable to a cyber attack. This is because, in the ongoing arms race between hackers and anti-malware developers, hackers maintain the upper hand. They simply familiarize themselves with the most widely used antivirus tools, exploit software vulnerabilities that have not yet been acknowledged by the vendors and outsmart endpoint protection programs.
The good news? Historically, anti-malware developers have had deeper pockets than hacker groups. However, it appears that this is beginning to change. One troubling new trend that has emerged recently is state-sponsored hacking. According to a recent New York Times report, the Chinese government has been accused of fostering the efforts of hackers targeting organizations in the US and around the world to gain access to sensitive information. Similar stories have begun to surface from Russia and other nations as well. With sponsorship from national governments or other large resource pools, hackers are going to get more sophisticated and more difficult to detect.
So, what should you do to protect your fund? First, be sure to have all of the defense layers in place that we mentioned earlier, such as antivirus and anti-malware tools and firewalls. You may also want to consider a more robust, comprehensive intrusion detection system such as the one provided by our friends at eSentire, which can mitigate a potential threat before irreparable damage is done.
Once these tools are in place, fund managers should educate their employees on potential security risks and train them on best practices for mitigating those threats. Policies should be in place around:
Information Security Incident Management
Personal Communications/Mobile Device Management
Oftentimes, staff members don’t realize the extent of the risk to the organization if a cybersecurity attack occurs or sensitive company data is compromised. Employees who understand security threats and how to thwart them will serve as your fund’s best asset for keeping systems and information secure. Read more about Security Policies in this article.