Cybersecurity: How Safe Is Your Family Office?

Family offices are at high risk of targeted data breaches. According to a recent report from UBS, more than 22% of the family offices in North America have experienced a recent cyberattack. The panelists shared several reasons, including that family offices are using older technology, as well as potentially dated processes and practices. They also felt that, often, family offices may not want to upgrade or bring on more vendors because they’re worried that they’re taking on more risk. Yet most family offices are run like businesses, which means they need to endeavor to have the proper protections in place.

By understanding attack vectors and vulnerabilities, family offices can take steps to protect themselves against cybercrime. The key is prevention, detection, and response. The best way to deal with a cyberattack is to prevent it from happening in the first place. This is done by layering in multiple levels of protection: providing security awareness training to employees, implementing an access control policy of least privilege necessary to perform the job, patching your computers, and deploying anti-spam filters, firewalls, and endpoint security. This is just the tip of the iceberg of what can be done to bring that “peace of mind” over cybersecurity to life.

If a threat manages to bypass all the prevention methods, it is important to be able to detect when it occurred. Some threats, such as ransomware or denial-of-service attacks, perform their attack as soon as the defenses are penetrated. Others lie dormant in the system, listening to communications, collecting information, and waiting for the perfect opportunity to get the best return on investment. The key is reducing the time to detect and responding as quickly as possible. Some of the tools discussed to help are endpoint detection and response (EDR) systems, threat hunting systems, security information and event management (SIEM) systems, or other similar tools.

Once a threat is detected, an appropriate and timely response is vital. It must be one that mitigates the most financial and, often, reputational damage. The largest business costs due to cyberattacks are downtime (the time spent bringing systems back online rather than conducting business), bad PR, paying off a ransom, and the losses from being scammed by someone impersonating executives and soliciting fraud via wire transfer. Having an incident response plan in place before an incident happens is the most critical piece of this. There is nothing more stressful than having to build this out, or not knowing what to do next, in the middle of such an incident.

By reducing the time to find a breach, whether it be a malicious attack, a system glitch, a configuration error, or just human error, you significantly reduce your overall costs. According to IBM, breaches that took longer than 200 days to identify cost an average of $4.8 million, and organizations that had more than 50% of their workforce working remotely took 58 days longer to identify a breach. The average savings for containing a breach in less than 200 days was about $1 million.

Finally, the panelists discussed the importance of having both an incident response plan and a business continuity plan implemented and tested. They also stressed the importance of an AI-driven endpoint protection system and of training employees to reduce your attack surface and therefore the total cost of a breach.