SHARE

Partner Content

How can cyber situational awareness help protect my family office?

“Situational awareness” means having a thorough understanding of one’s environment and the ability to interpret and respond to any current and future threats. “Cyber situational awareness” applies these same principles of readiness to an understanding of one’s digital footprint.

Creating cyber situational awareness in a family office can help ensure that risks are identified and mitigated in an efficient and proactive manner.

The increasing vulnerability of our sensitive personal information and intellectual property makes it critical to understand the intersection of cyber threats and potential risks for individuals, that is, to understand one’s own cyber situational awareness. This understanding is especially critical for families with significant wealth looking to protect their assets, and ultimately, their legacy.

Outlined below are some key principles individuals and family offices should consider in order to improve their situational awareness:

PRIVACY PROTECTION

The sensitive nature and volume of our private information makes it all the more vulnerable to data breaches. Additionally, people are sharing that information using social media and public cloud services with increasing frequency and with little security or controls regarding its use.

The inherent risks in these activities can impact a family’s privacy and reputation, and should be guided by an acceptable-use policy, and protected by nondisclosure agreements. The introduction of such protocols can help reduce information-disclosure risk and diminish current and future attack exposure.

DIGITAL FOOTPRINT REVIEW

Understanding the technology in use, as well as the risks associated with these devices and services, creates a strong framework to build upon. A thorough review can highlight items such as multiple homes, travel, accounts and services that open up additional avenues for attackers to gain access to private information and exploit known and potentially unknown vulnerabilities.

ELECTRONIC INFORMATION INVENTORY

Following the recommended digital footprint review, clients and their families should meet with cyber-risk advisors to review how and where their sensitive electronic data is stored, and how that data is transmitted, accessed and managed.

A formal information access control policy is also recommended to ensure that information is appropriately secure, available only to those who need it and, in an emergency, accessible only by authorized parties.

INCIDENT RESPONSE AND MANAGEMENT

A real and growing concern for families is what to do in the event of a financial fraud incident, “ransomware” event or other cyber attack. In the event of an incident, a well-prepared family office will have easy access to cyber, fraud and forensic experts to help identify the point of breach, mitigate impacts and prevent any recurrence.

This preparation enables families to navigate the dynamic threat landscape, with proper guidance and peace of mind in moments of crisis.

REPUTATION PROTECTION

Social media profiles and digitally available information on the public internet or dark web may expose clients to reputational damage and other risks, such as identity theft. Open source intelligence managed by a cyber advisor can be leveraged by families to identify potentially detrimental situations early on, helping to minimize the likelihood of reputational damage.

EDUCATION AND GUIDANCE

Security awareness training for clients, family members and employees is an important but often missed aspect of risk management. Everyone should understand current threats and how risks can be mitigated, transferred or eliminated. Ongoing guidance from a cyber-risk advisor can provide critical benefits, such as notifications of new threats, assistance in onboarding new employees and up-to-date training materials about policies and best practices.

Creating cyber situational awareness in a family office can help ensure that risks are identified and mitigated in an efficient and proactive manner. With the requisite oversight and governance strategies in place, you can find comfort in navigating the path to protecting your sensitive data and reputation.

This article was originally published in the June/July 2016 issue of Worth.

Topics

Disclaimer: Worth magazine is a financial publisher and does not recommend or endorse investment, legal, insurance or tax advisors. The listing of any firm in the 2019 Worth® Leading AdvisorsTM Program does not constitute a recommendation or endorsement by Worth magazine of any such firm and is not based upon Worth magazine’s experience with, or prior dealings with, any advisor. The information presented for each advisor, including but not limited to any related profile, statistical data, presentation, report, commentary, recommendation or strategy, has been provided by such advisor without review or independent verification by Worth magazine. Any such information is the sole responsibility of the advisor. Worth magazine makes no representation or warranty as to the accuracy or completeness of such information, assumes no liability for any inaccuracies or omissions therein and disclaims responsibility for the suitability of any particular investment recommendation or strategy for any person. Nothing contained in Worth magazine constitutes or should be construed as any form of investment, legal, insurance or tax advice or as a recommendation to buy, sell, hold or trade any securities, financial instruments or assets. Readers are advised to consult their legal, financial, insurance and tax advisors prior to making any investment or pursuing any investment strategy. Past, model or hypothetical performance is not indicative of future results.

back to top