SBAI » Cyber Security

Bringing managers and investors together to set standards for the alternative investment industry

Cyber Security

Cyber security has become an increasingly prominent focus of the industry. Regulators also are taking a strong interest in understanding and assessing the resilience of regulated firms to cyber-attacks. Following the publication of the first SBAI Cyber Security Memo in 2015, the SBAI has published an updated Cyber Security Memo 2019 focusing on small and medium-sized alternative investment managers (see press release here). The new Memo provides a series of practical tools these managers can consider, including:

  • A cyber defence framework
  • A basic cyber hygiene implementation (the “SBAI Basic Approach”)
  • Due diligence of managed IT service providers
  • An overview of regulatory expectations
  • Examples of contractual requirements for technology service providers
  • Summary of cyber security testing options

The SBAI also ran a series of table-top cyber-attack simulation exercises with its Signatories and Investor Chapter Members to help the industry explore responses to realistic attack scenarios, including data theft, financial infrastructure attack and crypto ransomware.