Last month Citi Private Bank released a white paper focused on the growing cybersecurity threat and its relevance to Family Offices. The white paper surveyed information security experts in and outside of Citi to provide a comprehensive guide on a topic of high interest to Family Offices. The full white paper can be accessed on the Citi Private Bank website here.
The author of the report, Edward Marshall, director, Global Family Office Group at Citi Private Bank, said, “As seen in recent news, the number of cyberattacks perpetrated against nations, corporations and individuals are increasing at a rapid pace. One of the most pressing issues our clients face now is cybersecurity as Family Offices have more and more become targets of cyberattacks. We hope this white paper will impart actionable best practices and identify available resources in the cybersecurity space.”
I asked Edward to shed some light on a segment of the market (Family Offices) that many do not have much visibility into.
Are you aware of any Family Offices hiring their own chief risk officer (CRO) or chief information security officer (CISO) yet?
While the corporations that often create the wealth for a family are well-equipped with information technology staff and updated technology, the Family Office is often deprived of the same treatment because they typically operate as separate corporate entities in locations convenient for the principal and/or access to capital markets Despite these resource constraints, Family Offices are starting to realize the importance of building an information security program that is flexible and can incorporate lessons learned and adapt to new cyber threats.
There is a growing cottage industry of security professionals and organizations springing up that cater to Family Office security and specifically cybersecurity issues. Family Offices are starting to look to how the largest public companies aim to protect their digital crown jewels from hackers. We have seen many Family Offices hire external professionals to provide an initial diagnostic of risks and then depending on complexity, FOs will retain those professionals to provide regular checkups. We witnessed further indications of the increased attention to cyber during our annual Family Office Leadership Program (FOLP) last month in Armonk, NY. FOLP is a three-day executive education program designed for C-level Family Office executives that features panel discussions on trends in Family Office management presented by Family Office practitioners and leading industry advisors. This year’s leadership program included a panel on cybersecurity for Family Offices. The cybersecurity panel was so well received by attendees at the Armonk leadership program that we plan to offer a dedicated cybersecurity panel at our upcoming Asian Family Office Leadership Program in October 2017 that will take place in Hong Kong.
For the moment, an in-house Family Office CISO position exists only for the largest Family Offices in North America. However, as the complexity of Family Office’s mandate increases, we are likely to see increased use of consultants and internal CROs and CISOs.
Would you say Family Offices view the cyber threat as an IT issue (a network to defend), or do they see it as more comprehensive in defending enterprise value?
Family Offices manage tremendous amounts of wealth, representing 8% of the global ultra-high net worth population but nearly 50% of global ultra-high net worth wealth. In North America alone, there are an estimated 4,500-plus Family Offices. Complex and…