protecting the family office

Protecting the Family Office in a Technically Agile WorldBest Practices in Cyber Security

AGENDA

• About Hillard Heintze

• Protecting the Family Office

• How do you Prepare?

• Questions and Discussion

HILLARD HEINTZE © 2015 | Protecting What Matters 2

Hillard Heintze is one of the foremost investigation, security risk management and law enforcement consulting firms in the United States. We help clients protect their people, performance, interests and reputations by providing services that yield insight, deliver assurance and instill confidence.

ABOUT HILLARD HEINTZE


Howard Fisher, Vice President,Strategic Relationships

Steven Bova, Senior Director, Information Technology



We serve as a trusted advisor to senior executives and high net worth individuals –and their Family Offices – in designing and implementing security strategies based on the same protocols that protect the U.S. President and other high-profile, at-risk leaders and dignitaries.

5


HILLARD HEINTZE © 2015 | Protecting What Matters

Prevention Integration Enablement Agility Assurance

– not merely response and crisis management.

– across the critical drivers of structure, people, process and technology.

– by aligning with family objectives and being inclusive vs. restrictive.

– in the face of risks that constantly evolve.

– because security is ultimately about confidence and risk management.

Effective security risk management requires a strategic approach in line with five principles

Threats• Cyber threats• Family use of social media• Identity thieves • Insiders• Emotionally challenged • Terminated employees• Organized criminals• Corporate espionage• Disgruntled investors• Troubled family members


Vulnerabilities• Information security• Travel and transportation• Physical and

technical security• Screening practices• Denial and lack of awareness• Reactive approach

to crises• Lack of family

emergency plan• No trusted security advisor

Risks• Identity theft

and data loss• Targeted violence• Stalking/kidnapping• Fraud• Extortion• Reputation• Physical violence• Natural and

man-made disasters• Loss of privacy

Affluent families confront significant risks, threats and vulnerabilities.A UNIQUE SET OF PRIORITIES AND RISKS

High net worth individuals and their Family Offices are a high-value target for cyber criminals.


PROTECTING THE FAMILY OFFICE

Information security is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.— Chapter 35 of Title 44, United States Code



Targeted cyber attacksor identity theft via cyber breach.

Denial-of-service attacks, phishing, pretexting, social engineering and Ransomware.

Fraud or other loss related to funds transfer.

Technical disruption and data loss due to computer failure.

Employees who abuse their legitimate access by accident or deliberately.

Extortion or kidnap-and-ransom plots powered by geo-tagging and tracking of online activity.

Hacking of home security systems and other risks to personal safety as high profile target for cyber criminals.

Invasion of privacy and reputational damage.

Portable device theft or loss compromising digital privacy and security.

Hacktivistattacks forpolitical or ideological motives.



Cyber risks to Family Offices


Think beyond ease of use and assumptions of data protection and ask tough questions that will help to identify the strengths and weaknesses of your current information security strategies.


• Are we protected? • Are we doing enough?• What is the financial impact if we incur a data breach?• Do we have a data recovery plan in place?

Is the use of social media a cyber issue?

Absolutely.



Mobility and technical agility keep your daily business and personal activity in sync, but this digital connectivity brings unique security challenges as your data becomes the target of predators.



The two biggest cyber risks for 2015 and 2016 are social engineering and ransomware.

13




HOW DO YOU PREPARE?

Today’s technically agile world puts newdemands on Family Offices to be risk aware and proactive in securing and protecting the transmission and storage of sensitive financial, business and personal information.

Ensuring information security requires:• Leadership – more than just a technologist• Strict policies that employees understand

and observe• OPSEC (Operations Security)

15

HOW DO YOU PREPARE?


Employ technology solutions that balance the highest level of security against ease of access and operational robustness.

• Network Layering• Application Layering• Sound Security Practices• IT Support Model

Ensure that you or your Information Technology providers have the proper tools in place – and that they are effectivelymanaging your information security.

• ISO 27001 or Industry-Specific Requirements • Penetration Tests• Social Engineering• Disaster Recovery / Business Continuity

16

HOW DO YOU PREPARE?


QUESTIONS AND DISCUSSION

Steven Bova, Senior Director, Information Technology [email protected]

Howard Fisher, Vice President, Strategic [email protected]

30 South Wacker Drive, Suite 1400Chicago, Illinois 60606 312.869.8500