Planning Your Cybersecurity Strategy: Breakfast Recap
Weren’t able to make it to our cybersecurity breakfast? Read below for a recap of the event, including three major takeaways that you can incorporate into your strategy today.
On Wednesday, May 27th, more than twenty guests gathered at the Lambs Club in New York for a breakfast seminar on cybersecurity planning and best practices. The seminar featured remarks from RFA CTO Grigoriy Milis, in addition to a keynote presentation led by Dell Secureworks CISO Doug Steelman.
The event was a response to the ever evolving threat landscape, in which attackers are consistently targeting hedge funds by stealing investment data, corrupting trade operations and gaining control of infrastructure. With protecting against cybersecurity threats a consistent hot topic for the hedge fund industry, the discussion focused on steps attendees could take to ensure that their cybersecurity strategy is in line with the most relevant regulations.
During his presentation, Doug addressed several topics, including how to communicate essential technical information to boards and senior leaders to allow for strategic decision making, how to appropriately budget for cybersecurity, and which types of threats are targeting hedge funds.
Below are three major takeaways from Doug’s presentation:
When evaluating threats, focus on the “who” as opposed to the “what.” It’s important to gather as many details as possible on the types of attackers you could encounter including the country they are from, what their capabilities are, and what their intent is.
When it comes to the “who” of cyber threats, also known as the threat actor, keep in mind there are different types. Two of the most common threat actors are criminal hacktivists and nation states.
When beginning cybersecurity planning for your hedge fund, first evaluate how well received your firm is to receive a threat. One of the best methods of threat prevention is to ensure your staff is well trained on the cybersecurity landscape. While human error can never be entirely mitigated, regularly scheduled employee training sessions can help minimize the risk. Training sessions should focus on establishing policies and procedures for responding to threats, in addition to educating employees on what threats look like.
Be sure to stay tuned for future seminars by visiting our Events page!