The Hedge Fund Standards Board (HFSB) published a press release summarising lessons learned from its first table-top cyber-attack simulation for hedge fund managers in London on 21 January 2016.

The aim of the simulation was to investigate the response of hedge fund managers to three situations:

  • Data theft and leakage of sensitive data.
  • Financial infrastructure attack.
  • Crypto-ransomware.

Lessons learned from the simulation included:

  • Confusion over responsibilities can prevent an effective response. Cyber security should not be considered as just an IT issue, given the legal, compliance, investor relations and reputational issues involved.
  • Certain types of cyber attacks may exceed a manager’s internal response capabilities. They should be prepared to quickly obtain external legal and IT expertise.
  • It is important to prepare in advance using a cyber-security incident response plan.

The simulation follows the HFSB’s publication of a memo on cyber security for hedge fund managers In September 2015.