Page 30 - Cerini & Associates Family Office Guide
P. 30

CYBERSECURITY AND
       DATA PRIVACY FOR FAMILY OFFICES:

       PROTECTING WEALTH AND PRIVACY IN

       AN INCREASINGLY DIGITAL WORLD

































                                                                                      1.      DEVELOP A COMPREHENSIVE CYBERSECURITY POLICY

                                                                                    One of the first steps family offices can take to protect their sensitive data is to create
            F    amily offices, which manage the wealth, financial affairs, and personal matters of   a clear and comprehensive cybersecurity policy. According to CNBC, less than a third
                 high-net-worth families, handle vast amounts of sensitive financial data, personal
                 identification details, and private family information. This makes them a prime   of family offices have well-developed cybersecurity policies, leaving them vulnerable. A
                                                                                    robust policy should address the following elements:
           target  for  cybercriminals.  Over  the  last  decade,  cybersecurity  breaches  within  family
           offices have become increasingly common, and statistics show that these offices are often   ► ►  Password management: Encourage frequent password changes and the adoption of
           at higher risk for targeted data breaches.                                  complex, unique passwords. A password manager can help ensure that staff do not
                                                                                       reuse passwords across platforms.
           Studies show 28% of family offices and family businesses have experienced cybersecurity   ► ►  Multi-factor authentication (MFA):  Using  MFA  can  add  an  additional  layer  of
           breaches. Family offices often function with small teams, have access to high-value assets   security when verifying wire transfers and other sensitive transactions.
           and sensitive financial information, and represent well-known families or celebrities—all
           of which make them an appealing target for cybercriminals. Furthermore, unlike larger   ► ►  Encrypted communication: For high-stakes personal and financial information (like
           corporations,  family  offices  frequently  lack  the  robust  corporate  defenses  that  mitigate   social security numbers or legal documents), encrypted email should be a standard
           such threats.                                                               practice.
                                                                                    ► ►  System backups: Regular backups ensure that data is protected in case of cyberattacks
           Given  these  risks,  it’s  crucial  for  family  offices  to  implement  effective  cybersecurity   like ransomware.
           measures and privacy protections to safeguard not only their wealth but their reputation   ► ►  Virtual private networks (VPNs): A VPN helps secure remote access to family office
           as  well.  We  have  outlined  five  critical  areas  that  family  offices  should  consider  when   systems, safeguarding against external breaches.
           addressing cybersecurity risks.
                                                                                    ► ►  Automatic updates: Ensure that all software and devices are updated regularly to
    29                                                                                 close security gaps.                       CONTINUED ON NEXT PAGE  30
   25   26   27   28   29   30   31   32   33   34   35