The Alternative Investment Management Association (AIMA) has
published new cyber security guidance for hedge fund firms and other asset
managers, setting out a number of steps that these firms should take in
building up their cyber security defences.
The AIMA Guide to
Sound Practices for Cyber Security discusses the nature and scope of
existing and emerging threats and offers guidance on effective methods for
preventing or dealing with them. It also focuses on matters such as governance,
employee related considerations, the technology that can be used for data
protection, threat prevention and threat detection and how these technologies
can be developed in-house or using cloud services.
It also sets out how cyber security programmes fit within
the developing regulatory environment being applied to cyber security matters.
To help smaller fund managers, and managers seeking to
assess the effectiveness of their existing cyber security programmes, the guide
also indicates the level of difficulty that a firm might have in implementing
certain types of threat preventions and threat detection techniques as part of
a cyber security programme.
“Technological advances have brought great efficiencies
to investment managers, but not without introducing new and unexpected risks,”
says AIMA CEO Jack Ingles. “Cyber security is one of the biggest challenges
facing all kinds of businesses today, and yet until now there has been very
little guidance tailored to asset management firms in general, and hedge fund
firms and other alternative asset managers in particular. This has raised
questions both about fund managers’ understanding of the various cyber
security-related issues and how their businesses could be impacted as well as
their overall level of preparedness.
“What is obvious is that vigilance and preparedness is
key,” he continues. “With this guide to sound practices, we hope that our
members will be better equipped to understand and deal with these new and
emerging challenges and threats.”