At least 25% of family offices have been subjects of cyberattacks, and nearly 40% of them lack a cyber security policy. Welcome to a three-part series that will examine the cyber vulnerabilities surrounding family offices and steps they can take to mitigate those risks.

Family Offices Are Particularly Vulnerable to Cyber-Crime

As part of the global increase in the number of billionaires worldwide, family offices have evolved from little more than holding companies to highly sophisticated financial firms managing family wealth, administering assets and acting like a typical private equity or debt fund. Family offices are managing almost 50% of Ultra High Net Worth family wealth. Given the vast amount of wealth that family offices support, they are prime targets for cyber crime, which some analysts project will account for a global $6 trillion cost by 2021.  The fact that nearly 40% of family offices do not even have a cybersecurity policy in place highlights the need for improvement when it comes to making themselves less vulnerable to cybercrime. 

Single-family offices—as the name suggests— support one family and generally grow out of a family business while multi-family offices will manage the affairs of various families. Some multi-family offices manage funds for other families whereas others act essentially as diversified investment firms with hundreds of employees and offer additional services like tax, legal and compliance functions. Most family offices will also have access to family members’ personal information because they handle the family’s personal administrative functions like setting up doctor appointments, paying personal bills, or arranging travel. Given their nature, over half of family offices surveyed recently admitted that they have never corrected or removed publicly available data relating to the family or business—public information that can be a virtual road map for cyber-criminals looking for a way in. Many family offices underinvest in critical information technology systems and do not have the requisite level of sophistication in their technology to withstand cyberattacks. Given the scale of wealth involved, family offices can be an easy target for cyber-criminals despite their best efforts to be unrecognized by utilizing common names for their corporate entities.

Cyberattacks on a family office’s systems can lead to the loss of sensitive personal and financial data as well as financial loss. According to a November 2017 Campden Wealth & Schillings study, 28% of family offices have experienced at least one cyberattack. Despite the prevalence of cyber crime, only 38% of family offices surveyed have a cyber security plan in place.This is troublesome given that 58% of all malware attacks reported in 2018 targeted small businesses, like family offices. For these reasons, family offices should take proactive measures to minimize the risk of falling victim to an attack. Family offices can protect themselves by focusing on technical firewalls and better education of their employees and controlling publicly available data.

Stay tuned for Part Two where we will examine cyberattack trends.