High net worth individuals and the family offices that serve them are easy targets for cyber criminals. Wealthy individuals may have assets similar to those of a large corporation, but few or no security measures in place to guard against threats or breaches.
With the recent Yahoo hack of 500 million email accounts, cyber security is once again in the headlines. Yet much of the current cyber-risk conversation is focused on large data breaches, the requisite notice to consumers and the offers of credit monitoring to mitigate the risk.
Cyber threats to wealthy individuals and their family offices, however, are distinct because the primary risk for the family office comes from the family itself, and vice versa. While insurance may provide a layer of protection for the family office, the office manager, the family and everyone else involved should be thinking beyond insurance, to reduce the risk of an event that could devastate the family’s finances, reputation or physical security.
One example is a scenario in which a family member routinely requests the transfer of funds via email to his or her family office. Behind the scenes, however, the family member’s email has been secretly monitored by a cyber criminal for more than two months. That way, the hacker learns about this family member’s habits, such as the individual’s writing style, when he or she makes requests, to whom, for how much, etc. At just the right time, the hacker then puts a plan into action and requests the transfer of funds from the family office, thereby siphoning off, undetected, a small fortune.
The primary risk for the family office comes from the family itself, and vice versa.
The frequency of this type of crime, and others like it, is staggering, and the ease and impunity with which it is carried out should be a wake-up call. Cyber threats to high net worth individuals also include the threat of extortion from personal information discovered in a breach, as well as cyber stalking, which often starts from social media interactions and can result in blackmail or even kidnapping. There have even been physical thefts of entire family office servers, whose information was accessed and stored by thieves knocking down walls to get the valuable data they desire.
To avoid such a scenario, family office personnel should have a comprehensive cyber-and crime-insurance program in place to protect and assist them if the worst happens; however, they should also minimize the risk long before a devastating event actually occurs.
Trusted risk-management professionals should be asking the hard questions and providing solutions to help a family office engage in a cyber-risk audit that covers the office’s own operations and those of the family. Email accounts, wi-fi networks and mobile devices are all vulnerable parts of everyday life that can lead to a breach that gives a criminal access to all the personal information needed to mount an attack.
The threat of cybercrimes can create a terrifying landscape for high net
worth individuals and their family offices, as they consider the myriad of attacks possible on a daily basis. Here, insurance and risk mitigation play a vital role in protecting individuals, families and family offices; and awareness of these evolving threats is increasingly important in today’s digital environment.
This article was originally published in the December 2016/January 2017 issue of Worth.