According to Bart McDonough, CEO of Agio, 2019 will be known as the “Year of Financial Fraud.” Hackers are becoming increasingly more sophisticated with complex phishing schemes hitting multiple firms at a time; hedge funds and private equity firms handle a tremendous amount of data, making them vulnerable to cybersecurity breaches. The data these firms work with come in many different forms, ranging from investment proposals, portfolio management data, and even PowerPoint slides from investment pitches. The sheer volume and variety of digital assets increase exposure to cybersecurity attacks, heightening the importance of outside digital protection for private equity firms and hedge funds. Agio, an financial services technology firm, asserts that hedge funds are uniquely easy to secure compared to the cyber needs of private equity firms.
At first glance, this may seem like a controversial stance. While it is true that hedge funds can deal with a broader range of security needs and more complex systems, it is essential to realize that a large portion of digital security is linked with geographical location. It is far easier to secure digital assets when an IT team can predict where a company’s devices connect from and how the data moves.
Private equity requires a lot of travel, from pitching to companies to investment roadshows. This constant travel makes it very hard to predict where company devices connect and how sensitive moves – employees can be connecting from almost anywhere in the world. On the other hand, most hedge funds tend to require far less travel than private equity firms. It is far easier to secure an office or two rather than monitoring every single company device.
Availability of traditional security also makes a difference. Employees can be a potential vulnerability too. The presence of traditional security, such as on-premise guards, can prevent accidental leakage of information and prevent unwanted people from stepping into a trading room. Agio knows that employees can share sensitive information on accident, which is why they offer on-premise physical security as a way to bolster all security measures.
Agio asserts that hedge fund cybersecurity inherently is strong due to the type of their structured data and limited client-facing nature. A structured database stores and uses information in a way that only the database can understand, which means a data point would present only gibberish to a person. Special software is typically needed to make any individual data point understandable. Unstructured data, on the other hand, is easily accessible information such as a PowerPoint slide.
Most hedge funds have very few clients and rarely have to raise funds, so there is typically little unstructured data present on employee machines. Private equity firms are much more client-focused, which means there are far more unstructured documents such as spreadsheets and slide decks. While Agio offers solutions for unstructured databases, it is far easier to secure structured data than unstructured data.