Page 31 - Cerini & Associates Family Office Guide
P. 31

CYBERSECURITY AND
 DATA PRIVACY FOR FAMILY OFFICES:

 PROTECTING WEALTH AND PRIVACY IN

 AN INCREASINGLY DIGITAL WORLD

































       1.      DEVELOP A COMPREHENSIVE CYBERSECURITY POLICY

     One of the first steps family offices can take to protect their sensitive data is to create
 F  amily offices, which manage the wealth, financial affairs, and personal matters of   a clear and comprehensive cybersecurity policy. According to CNBC, less than a third
 high-net-worth families, handle vast amounts of sensitive financial data, personal
 identification details, and private family information. This makes them a prime   of family offices have well-developed cybersecurity policies, leaving them vulnerable. A
     robust policy should address the following elements:
 target  for  cybercriminals.  Over  the  last  decade,  cybersecurity  breaches  within  family
 offices have become increasingly common, and statistics show that these offices are often   ► ►  Password management: Encourage frequent password changes and the adoption of
 at higher risk for targeted data breaches.  complex, unique passwords. A password manager can help ensure that staff do not
        reuse passwords across platforms.
 Studies show 28% of family offices and family businesses have experienced cybersecurity   ► ►  Multi-factor authentication (MFA):  Using  MFA  can  add  an  additional  layer  of
 breaches. Family offices often function with small teams, have access to high-value assets   security when verifying wire transfers and other sensitive transactions.
 and sensitive financial information, and represent well-known families or celebrities—all
 of which make them an appealing target for cybercriminals. Furthermore, unlike larger   ► ►  Encrypted communication: For high-stakes personal and financial information (like
 corporations,  family  offices  frequently  lack  the  robust  corporate  defenses  that  mitigate   social security numbers or legal documents), encrypted email should be a standard
 such threats.  practice.
     ► ►  System backups: Regular backups ensure that data is protected in case of cyberattacks
 Given  these  risks,  it’s  crucial  for  family  offices  to  implement  effective  cybersecurity   like ransomware.
 measures and privacy protections to safeguard not only their wealth but their reputation   ► ►  Virtual private networks (VPNs): A VPN helps secure remote access to family office
 as  well.  We  have  outlined  five  critical  areas  that  family  offices  should  consider  when   systems, safeguarding against external breaches.
 addressing cybersecurity risks.
     ► ►  Automatic updates: Ensure that all software and devices are updated regularly to
 29     close security gaps.                       CONTINUED ON NEXT PAGE  30
   26   27   28   29   30   31   32   33   34   35   36