1. You are here:
  2. Homepage
  3. Resource library search
  4. Cyber Security (Small & Mid-Size Firms)
Memo
14 May 2019

Cyber Security (Small & Mid-Size Firms)

Firms of all sizes need to mitigate cyber risks. In this memo we provides practical cyber tools including frameworks, contractual requirements, and regulatory expectations for small and mid-size managers.

Cyber threats can include theft of sensitive data and financial assets, business disruption, and reputational damage. As such, it is important for firms of all sizes to mitigate these risks. This memo builds on the 2015 Toolbox memo on Cyber Security focusing on the needs of small and medium size firms. It discusses how to shape cyber security strategies and oversee cyber risk.

This memo addresses the following:

  • A Cyber Defence Framework, including risk governance, cyber hygiene, resilience, and incident response planning,
  • Cyber Hygiene Implementation – SBAI Basic Approach, including key IT and network controls, why these matter and how they work, and calibration of cyber controls,
  • Due Diligence on Managed IT Service Providers including assessment of controls and assurance testing, and 
  • Examples for a simple table-top cyber security exercise.

 

Cyber Security (Small & Mid-Size Firms)
Download

Related topics

Emerging Managers Cyber Security Governance SPARK
Return to listing

You may also be interested in

Governance.jpg
26 Jan 2024

GP-Led Secondaries: New SEC Rules Impact on Valuations and Conflicts of Interest

The Securities and Exchange Commission (SEC) has introduced new rules to address conflicts of interest when advisers offer investors the choice between selling or exchanging their interests in a private fund for interests in another vehicle managed by the adviser or related parties. In this piece, we explore the impacts of these new rules for investors and managers and highlight considerations for effective implementation.

Memo
Governance.jpg
11 Sep 2023

Third Party Messaging Apps

Recent and ongoing enforcement actions by US regulators highlight the importance of maintaining compliance with recordkeeping requirements.

Memo
Regulatory engagement.jpg
11 Sep 2023

SBAI's Initial Assessment of the SEC's Private Fund Adviser Rule

Our initial assessment of the SEC's Private Fund Adviser Rule[1] is that while there is less prohibition and more disclosure, it remains overly prescriptive. While some controversial aspects in the original proposal have been modified, the rule will bring significant changes to the regulation of Private Fund Advisers that may still fail to address the root of governance failures.

Article
Cyber security.jpg
28 Jul 2023

Clone Investment Firm & Impersonation Fraud

Clone investment firm and impersonation fraud is receiving fresh attention as more sophisticated tools are being used to defraud investors, posing significant financial and reputational risk to both investors and managers.

Article