Mon, Oct 22, 2018
A A A
Welcome Guest
Free Trial RSS
Get FREE trial access to our award winning publications
Industry Updates

Hedge funds test their response to three cyber attack simulations

Tuesday, January 19, 2016
Opalesque Industry Update - The Hedge Fund Standards Board (HFSB), the standard-setting body for the hedge fund industry, has held its first table top cyber-attack simulation for hedge fund managers in London. The HFSB is custodian of the Hedge Fund Standards, and is supported by more than 120 hedge fund managers with $700 billion in aggregate assets.

The objective of the simulation was to explore the response of hedge fund managers to three realistic cyber-attack scenarios:

·Data theft and leakage of internal sensitive data

·Financial infrastructure attack

·Crypto ransomware

These scenarios were chosen to provide simple illustrations of key challenges for hedge fund cyber security professionals. The cyber-attack simulation event was attended by cyber security/IT experts, hedge fund COOs and compliance staff, and institutional investor due diligence staff.

The key insights on cyber security arising from the simulation were:

·Confusion over responsibilities can prevent an effective response. Managers should not consider cyber security as just an “IT” issue, given the legal, compliance, investor relations and reputational issues involved.

·Certain types of cyber-attacks may exceed a manager’s internal response capabilities. Managers should be prepared to quickly access external legal and IT expertise.

·Preparation in advance, through a cyber security incident response plan, is important. This planning establishes responsibilities, pre-identifies external resources and speeds decisions should there be an actual incident.

This is the second large-scale initiative by the HFSB in the area of cyber security, following the publication of the cyber security memo in September 2015 in the HFSB Toolbox . The HFSB Toolbox is designed to complement the HFSB’s standard-setting activities, providing additional guidance to managers, investors and fund directors on practical issues.

Bill Trent, Managing Director at Stroz Friedberg, who was one of the speakers, noted: “This attack simulation exercise has shown that dealing with the technical aspects of cyber-attacks is often only a small part of the overall response, and that the senior management of the firm needs to be well-prepared to manage the aftermath of an incident. Therefore, it is crucial that firms have an incident response plan in place that is understood at a senior level and across the entire firm. It is also important that firms do not overestimate their own capabilities and seek external help when a serious breach occurs.”

The panel also discussed the legal considerations to be taken into account when a breach occurs. This was particularly relevant in the data breach scenario, where material non-public/market moving information was inadvertently leaked.

One hedge fund manager, who attended the event noted: “This event has been an eye-opener regarding the complexity when dealing with the fallout from a cyber-attack, and very timely in light of the heightened regulatory focus, including the SEC’s intention to test firms’ implementation of cyber security procedures and controls. We will revisit our own approach based on the lessons learned.”

Thomas Deinet, Executive Director of the HFSB stated: “This is the second large-scale initiative by the HFSB in the area of cyber security, following the publication of the cyber security memo in September 2015. Simulation exercises are a very powerful approach to sharpen one’s understanding about how incidents can unfold. We encourage managers to revisit the HFSB Cyber Security Memo for helpful guidance.”

The roundtable was hosted by Stroz Friedberg who shared their “war stories” and moderated the attack scenarios. The HFSB is planning to hold a similar event in New York for its North American stakeholders in March 2016.

What do you think?

   Use "anonymous" as my name    |   Alert me via email on new comments   |   
Today's Exclusives Today's Other Voices More Exclusives
Previous Opalesque Exclusives                                  
More Other Voices
Previous Other Voices                                               
Access Alternative Market Briefing

 



  • Top Forwarded
  • Top Tracked
  • Top Searched
  1. BB&T Securities to bolster alternative investment offerings with CAIS platform[more]

    Laxman Pai, Opalesque Asia: The financial services firm BB&T Securities has selects the financial product marketplace CAIS to expand alternative investment access for advisors. A press release from the wholly owned subsidiary of BB&T Corporation said that with CAIS, it will gain access to pr

  2. Europe: Europeans up interest in unconstrained bond strategies, Generali steps up efforts to build multi-boutique business, Nordea bank in new Russia funds complaint, FCA proposes climate risk reporting duty for asset managers[more]

    Europeans up interest in unconstrained bond strategies Unconstrained bond assets are on the rise. Across both retail and institutional accounts, assets under management in these strategies rose from $153.2 billion in Q2 2013 to $289.7 billion in Q2 2018, for a five-year compound annual

  3. Stock slump aftermath: Hedge funds got caught long and wrong before stock slump, The huge 'blackout' that may be deepening market turbulence, Market veterans don't see the bottom yet: 'More selling is yet to come', Hedge funds hold up in rout as defensive stance finally pays off, Rally erupted in gold market days after funds made big bear bet[more]

    Hedge funds got caught long and wrong before stock slump From Bloomberg: In a moment of bad market timing, hedge funds had increased their bullish bets on U.S. stocks to the highest since February, and second-highest in five years, just before last week's sell-off. Speculative net

  4. Robert Citrone's discovery cashes in on bearish bets[more]

    From Institutional Investor: The macro hedge fund is riding strong gains since mid-year thanks to savvy wagers against Italian fixed income and other instruments. Macro hedge funds are finally getting a reprieve, between the bond market selloff and overall financial market volatility - two even

  5. Hedge funds at the 'core' of stock slump may be done offloading, Why hedge funds will stick with ever-risky short volatility trades[more]

    Hedge funds at the 'core' of stock slump may be done offloading From Bloomberg: One quantum of solace for bruised stock bulls: Some of the usual suspects behind last week's rout may be done frightening markets. Equity long-short hedge funds are among the worst-performing categori