Barely a day goes by without a cyber-attack or other incident hitting the mainstream press. In recent times we have seen a number of high-profile cases with large companies such as TalkTalk and Sony Pictures. What is not reported with the same gusto is the impact of cyber-attacks, breaches or incidents on individuals or family offices — but that doesn’t mean they aren’t happening.
Most attacks stem from organised criminals simply looking to make money, whether by siphoning through payment systems or by targeting decision-makers through ever more sophisticated spear-phishing emails. Many assume that they will know if they have been hacked — not so. A successful hack may sit undetected, with unrestricted access to systems and data, for months and in some cases years.
When considering cyber-security in the family office context, the focus is often on expensive and sophisticated technology solutions, but the margin of vulnerability is often greater when it comes to people and process. What are they releasing online, particu-larly on social media, and could the aggregation of that data create a fuller picture which may be used to target family members or their interests?
This came to light recently when a well-known businessman spent millions of dollars on physical security only to have his daughter post photos on social media which held metadata, including time and location details, providing a target pack to any nefarious individuals.
Cyber-security can be seen as too expensive and complicated, but this need not be the case: improving your security does not need to be focused on advanced, hi-tech solutions. It incorporates how you communicate with your advisers, employees and family members. It is how you make payments or confirm your travel plans.
Paul Reilly is a Cyber-Security Expert at KPMG in the UK
This article was originally published in Spear's 'The Future of Family Offices' supplement