protecting the family office
TRANSCRIPT
Protecting the Family Office in a Technically Agile WorldBest Practices in Cyber Security
AGENDA
• About Hillard Heintze
• Protecting the Family Office
• How do you Prepare?
• Questions and Discussion
HILLARD HEINTZE © 2015 | Protecting What Matters 2
Hillard Heintze is one of the foremost investigation, security risk management and law enforcement consulting firms in the United States. We help clients protect their people, performance, interests and reputations by providing services that yield insight, deliver assurance and instill confidence.
ABOUT HILLARD HEINTZE
HILLARD HEINTZE © 2015 | Protecting What Matters 3
Howard Fisher, Vice President,Strategic Relationships
Steven Bova, Senior Director, Information Technology
HILLARD HEINTZE © 2015 | Protecting What Matters 4
ABOUT HILLARD HEINTZE
We serve as a trusted advisor to senior executives and high net worth individuals –and their Family Offices – in designing and implementing security strategies based on the same protocols that protect the U.S. President and other high-profile, at-risk leaders and dignitaries.
5
ABOUT HILLARD HEINTZE
HILLARD HEINTZE © 2015 | Protecting What Matters
Prevention Integration Enablement Agility Assurance
– not merely response and crisis management.
– across the critical drivers of structure, people, process and technology.
– by aligning with family objectives and being inclusive vs. restrictive.
– in the face of risks that constantly evolve.
– because security is ultimately about confidence and risk management.
Effective security risk management requires a strategic approach in line with five principles
Threats• Cyber threats• Family use of social media• Identity thieves • Insiders• Emotionally challenged • Terminated employees• Organized criminals• Corporate espionage• Disgruntled investors• Troubled family members
HILLARD HEINTZE © 2015 | Protecting What Matters 6
Vulnerabilities• Information security• Travel and transportation• Physical and
technical security• Screening practices• Denial and lack of awareness• Reactive approach
to crises• Lack of family
emergency plan• No trusted security advisor
Risks• Identity theft
and data loss• Targeted violence• Stalking/kidnapping• Fraud• Extortion• Reputation• Physical violence• Natural and
man-made disasters• Loss of privacy
Affluent families confront significant risks, threats and vulnerabilities.A UNIQUE SET OF PRIORITIES AND RISKS
High net worth individuals and their Family Offices are a high-value target for cyber criminals.
HILLARD HEINTZE © 2015 | Protecting What Matters 7
PROTECTING THE FAMILY OFFICE
Information security is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.— Chapter 35 of Title 44, United States Code
HILLARD HEINTZE © 2015 | Protecting What Matters 8
PROTECTING THE FAMILY OFFICE
Targeted cyber attacksor identity theft via cyber breach.
Denial-of-service attacks, phishing, pretexting, social engineering and Ransomware.
Fraud or other loss related to funds transfer.
Technical disruption and data loss due to computer failure.
Employees who abuse their legitimate access by accident or deliberately.
Extortion or kidnap-and-ransom plots powered by geo-tagging and tracking of online activity.
Hacking of home security systems and other risks to personal safety as high profile target for cyber criminals.
Invasion of privacy and reputational damage.
Portable device theft or loss compromising digital privacy and security.
Hacktivistattacks forpolitical or ideological motives.
HILLARD HEINTZE © 2015 | Protecting What Matters 9
PROTECTING THE FAMILY OFFICE
Cyber risks to Family Offices
HILLARD HEINTZE © 2015 | Protecting What Matters 10
Think beyond ease of use and assumptions of data protection and ask tough questions that will help to identify the strengths and weaknesses of your current information security strategies.
PROTECTING THE FAMILY OFFICE
• Are we protected? • Are we doing enough?• What is the financial impact if we incur a data breach?• Do we have a data recovery plan in place?
Is the use of social media a cyber issue?
Absolutely.
HILLARD HEINTZE © 2015 | Protecting What Matters 11
PROTECTING THE FAMILY OFFICE
Mobility and technical agility keep your daily business and personal activity in sync, but this digital connectivity brings unique security challenges as your data becomes the target of predators.
HILLARD HEINTZE © 2015 | Protecting What Matters 12
PROTECTING THE FAMILY OFFICE
The two biggest cyber risks for 2015 and 2016 are social engineering and ransomware.
13
PROTECTING THE FAMILY OFFICE
HILLARD HEINTZE © 2015 | Protecting What Matters
HILLARD HEINTZE © 2015 | Protecting What Matters 14
HOW DO YOU PREPARE?
Today’s technically agile world puts newdemands on Family Offices to be risk aware and proactive in securing and protecting the transmission and storage of sensitive financial, business and personal information.
Ensuring information security requires:• Leadership – more than just a technologist• Strict policies that employees understand
and observe• OPSEC (Operations Security)
15
HOW DO YOU PREPARE?
HILLARD HEINTZE © 2015 | Protecting What Matters
Employ technology solutions that balance the highest level of security against ease of access and operational robustness.
• Network Layering• Application Layering• Sound Security Practices• IT Support Model
Ensure that you or your Information Technology providers have the proper tools in place – and that they are effectivelymanaging your information security.
• ISO 27001 or Industry-Specific Requirements • Penetration Tests• Social Engineering• Disaster Recovery / Business Continuity
16
HOW DO YOU PREPARE?
HILLARD HEINTZE © 2015 | Protecting What Matters 17
QUESTIONS AND DISCUSSION
Steven Bova, Senior Director, Information Technology [email protected]
Howard Fisher, Vice President, Strategic [email protected]
30 South Wacker Drive, Suite 1400Chicago, Illinois 60606 312.869.8500