HFSB has published the results from its first table top cyber-attack simulation for hedge fund managers in London. The objective was to explore responses to three realistic cyber-attack scenarios:

  • data theft and leakage of internal sensitive data;
  • financial infrastructure attack; and
  • crypto ransomware.

Key cyber-security insights arising from the simulation were:

  •  confusion over responsibilities can prevent an effective response. Managers should not consider cyber-security as just an “IT” issue, given the legal, compliance, investor relations and reputational issues involved;
  • certain types of cyber-attacks may exceed a manager’s internal response capabilities. Managers should be prepared to quickly access external legal and IT expertise; and
  • preparation in advance, through a cyber-security incident response plan, is important. This planning establishes responsibilities, pre-identifies external resources and speeds decisions should there be an actual incident.

(Source: HFSB Reports on Cyber-Attack Simulation)