By: Paul M. Grassi, CPA, MBA
A combination of self-delusion and excuse-making has left the hedge fund and asset management industries vulnerable to hacks and their costly consequences.
When I talk about the risk of computer attacks to clients, those who run hedge funds and other private asset management firms often dismiss the topic. They always have a reason-or reasons:
"We're too small to be hacked."
"Our security guy is excellent."
"None of the other funds have had break-ins, so I don't think it's really a risk."
"If there's a problem, it won't be that big a deal for us to fix it."
"If we're breached, insurance probably wouldn't cover our costs anyway."
I've heard them all, more often than I can count, which is why I'll be blunt here: The hedge fund community rightly prides itself on sophisticated risk management, but as a whole the industry has been too slow to acknowledge its vulnerability to the ever-more-devious electronic exploits perpetrated by an ever-larger cast of ill-meaning parties.
Consider the headlines. Can the leadership of any firm with hundreds of millions or billions under management truly be sure their operations are more secure than those of Bank of Montreal, Target, Marriott, Equifax, Under Armour, the Democratic National Committee and Jeff Bezos?
Can your security guy really match wits with hackers from Russia...................... To view our full article Click here
|