Agio is in the serious business of hedge fund cybersecurity. Cybersecurity for these types of financial institutions covers a lot of data, such as clients personal identification, trades, and financial transactions.
To protect this information, Agio recommends that a hedge fund take several precautions. To begin with, they can have a consultation with Agio, which would involve looking at your existing parameters and making any suggestions to fill any gaps or leaks in your current program.
Regulatory groups and governments around the world require security measures because of the international nature of the data that the firms are collecting now. The United States government and the SEC are monitoring cybersecurity and making recommendations.
One of the reasons many hackers pursue hedge funds access is because of the information they can mine from the system. They can capture client’s emails, and with that information, they can start a phishing event.
Phishing is a type of forgery where an unsuspecting individual receives an email that appears to have come from the hedge fund or another trusted source. The hacker stole this person’s email from that source, and now they knew this person would most likely respond to their false request. In many cases, the information is used to get money out of that individual. The email say something like, “You need to send money right away to cover an incident,” and it would appear real.
Another loophole that can allow hacks into the system is the behavior of employees. Employees should be taught what actions create risks in the system and what they can do to prevent any accidental breaches. Employees should know which websites they can and cannot search from their portals and what they should not be accessing or downloading into the system. It is not always a rogue staff member that is wreaking havoc in the system, but it may be untrained personnel.
Protecting a hedge fund from break-ins is a 24/7 job that never rests. The system needs to be on weekends and holidays continually patrolling. Agio has a protocol set in place so that hedge fund managers and staff do with their clients hired them to do, and let other professionals take care of that security measures.
There are several methods that Agio uses to protect hedge funds. Infrastructures can be surrounded and monitored by our technical team. Systems can be watched for any unusual activity or algorithms. In other protective measures, Agio recommends that investors have hedge fund managers fill out a due diligence questionnaire (DDQ), to both highlight positive elements of a fund and also create a risk profile for investors.
Maybe your prevention needs fine-tuning and some new implementations to keep it modern. Hackers change their methods as fast as firewalls, and other protective layers are created, so it is imperative to have a system reviewed and updated as necessary.
Agio has worked under many situations, and they understand that the best defense to protect hedge funds is to be proactive and have protective layers, breach detection, and a recovery system in place.