The Hedge Fund Standards Board (HFSB) published a press release summarising lessons learned from its first table-top cyber-attack simulation for hedge fund managers in London on 21 January 2016.
The aim of the simulation was to investigate the response of hedge fund managers to three situations:
- Data theft and leakage of sensitive data.
- Financial infrastructure attack.
Lessons learned from the simulation included:
- Confusion over responsibilities can prevent an effective response. Cyber security should not be considered as just an IT issue, given the legal, compliance, investor relations and reputational issues involved.
- Certain types of cyber attacks may exceed a manager’s internal response capabilities. They should be prepared to quickly obtain external legal and IT expertise.
- It is important to prepare in advance using a cyber-security incident response plan.
The simulation follows the HFSB’s publication of a memo on cyber security for hedge fund managers In September 2015.