Articles & Alerts

Does Your Family Office Have an Adequate Cybersecurity Plan?

March 28, 2022

Cybersecurity is a frequently discussed topic in the news.  From geopolitical attacks due to the recent Russia-Ukraine conflict to ongoing attacks on those less secure, having a cybersecurity plan is more important than ever.  High-Net-Worth (HNW) individuals and family offices have always been lucrative targets for cyber criminals, as they tend to be high-value targets without the same level of cybersecurity as corporations.

As individuals continue to work from home, the cybersecurity risks have only become greater, as home networks tend to be less secure than the ones employees use in-office.

Still, almost half of all family offices report having no dedicated cybersecurity policies in place. This could lead to substantial financial and even reputational losses. Luckily, the majority of cyber fraud schemes can be thwarted by instituting a few basic cybersecurity measures.

Some basic items you should have in place include:

  • Ensure you have Multi-Factor Authentication in place. This makes it harder for adversaries to access sensitive information and systems. It is best to use a third-party application like Duo, Google Authenticator or Authy rather than SMS.
  • Have and test your Data Backups to ensure that information can be accessed following a cyber security incident. It is important to perform daily backups of critical data.
  • As part of your data backup and operating plan have a Cloud First Strategy to secure your sensitive data. It’s more likely that your cloud provider has stringent security protocols and updates their systems regularly.
  • Knowing what to do if trouble strikes is imperative. Having an Incident Response Plan can mitigate many of the risks that come with falling victim to a cyber attack and reduce your remediation time.
  • Being up to date on the latest threats is critical. Typically, the easiest way in is through weak or careless activity from family or staff.  Family and Staff Cyber Training can drastically minimize the chances of a breach.
  • Cyber attacks are expensive, and offloading some of that risk to a third party can aid risk management efforts. Cyber Insurance can help to cover the costs of recovery from a cyber attack and to minimize business disruption both during and after the attack.
  • Having an IT team is not the same as having a dedicated Trusted Security Team, who can take a holistic protection of IT systems against cyber threats.

Remember, a cyber-attack can happen to anyone. Taking the necessary precautions may protect you from becoming a part of the statistic.  If your Single-Family Office or Multi-Family Office can’t answer all, or at least most of, the preceding questions, you may want to discuss improving your cybersecurity plan with your Anchin Relationship Partner and Russell Safirstein, President of Redpoint Cybersecurity. Your wealth and your identity may be on the line.