Cyber security generates significant buzz within the alternative investment industry. Last night, May 8, 2014, our Cyber Security dinner, co-hosted at the Andaz on Fifth Avenue with a long-standing client, allowed attendees to further delve into the issues surrounding cyber-attacks. Our discussion leaders included technology and security experts: Pat Mullevey, the Executive Director of Cloud & Support Services at Gravitas, Kent Blossom, the Vice President of Security Solutions at IBM, and J. Paul Haynes, the CEO of eSentire.
The current threat landscape shows a drastic increase in the number of cyber-attacks. As hedge funds fear that they are the next major targets, CEOs are increasing their focus on preventing attacks. However, successfully stopping cyber-attacks requires CEOs to recognize these attacks as a business threat, not a technological one.
Increased spending on cyber security does not eliminate the problem. From a risk management perspective, companies are never going to be able to cover all of their security bases. Companies must assume that their network has been compromised and should constantly assess their security by asking, “What do we have that is worth stealing and how easy is it to gain access?”
Last night’s discussion encouraged companies to lead by example within the industry. An initial step toward doing so is requiring employees to change their passwords every 90 days and never resetting their passwords to an old one used on the same system.
When was the last time you changed your password?