A family office is exactly what it sounds like. It manages the daily affairs of a family – including access to tax and banking information, personal files, trust services, education funds, and more. The Family Office also often connects to an outside business office.
I think we can all agree that it’s critical this information is secure. But is cybersecurity a big risk?
The answer is an obvious yes.
Think about it. A wealthy family’s assets can eclipse most mid-market company’s assets. If the Family Office is managing a wealthy family’s risk, then shouldn’t they be doing the same things for the family that a board of directors for a mid-market company would do for their organizations? Most mid-market companies with $100M in assets have an audit committee that monitors the organizations cyber security policy compliance.
From a technology standpoint a wealthy family’s IT assets and networks can at times be more expansive than most sophisticated mid-market businesses. These same assets are connecting to networks in multiple homes and usually across multiple businesses and business offices. Managing the security across so many diverse networks is hard enough for a sophisticated company, but for a Family Office it is almost impossible.
The Family’s networks may have firewalls and the laptops/computers may be running anti-virus but when is the last time the firmware was updated on the routers, switches and WIFI? Is the firewall managed? What about true end-point protection, Security Information and Event Management (SIEM), vulnerability scanning or netflow analysis? Is anyone considering threat intelligence?
Of course not, but should they? In many families the assets under management are far more diverse than a sophisticated corporation that does have all of these cyber protections.
Family members have a range of understanding when it comes to cybersecurity.
In a sophisticated corporation, employees would be trained to recognize a phishing message, there would be a cyber response plan, there would be employee policy documents for what is allowed and not allowed on the network and each vendor would have to have cyber insurance and be open to cyber security audits.
Family members also tend not to use encryption, backup their data, or update vulnerable software. But they do tend to send information over the internet in clear text and use risky software such as BitTorrent and Tor.
In order to reduce cybersecurity risk, Family Office members should be educated on the following:
NetWatcher provides continuous monitoring to assess threat levels and manage network security. For a free demo to see how we can help, click here.