HFSB has published the results from its first table top cyber-attack simulation for hedge fund managers in London. The objective was to explore responses to three realistic cyber-attack scenarios:
- data theft and leakage of internal sensitive data;
- financial infrastructure attack; and
- crypto ransomware.
Key cyber-security insights arising from the simulation were:
- confusion over responsibilities can prevent an effective response. Managers should not consider cyber-security as just an “IT” issue, given the legal, compliance, investor relations and reputational issues involved;
- certain types of cyber-attacks may exceed a manager’s internal response capabilities. Managers should be prepared to quickly access external legal and IT expertise; and
- preparation in advance, through a cyber-security incident response plan, is important. This planning establishes responsibilities, pre-identifies external resources and speeds decisions should there be an actual incident.
(Source: HFSB Reports on Cyber-Attack Simulation)