Managing money and finding alpha is never easy. In addition to tough trading and market conditions, fund managers must also address cybersecurity risks. Cyber-attacks against large banks generate most of the headlines, but asset managers are also targeted. According to a 2015 report by the Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations, 74% of registered investment advisors surveyed by the SEC have experienced cyber-attacks, either directly or through their vendors.

With malware, ransomware and other cyber-attacks becoming more sophisticated, fund managers could suffer bigger losses from a data breach than a bad trade”

Given the elevated data privacy risks, private equity and hedge fund managers, together with their technology, legal and compliance teams, should protect themselves against cyber-attacks and comply with SEC, Commodity Futures Trading Commission and National Futures Association regulations by undertaking a five step plan that includes designating a chief information security officer, assessing risk, maintaining written policies and procedures, developing cybersecurity controls and developing a comprehensive information security program.