On February 4 and 11, 2021, Robin L. Barton of the Hedge Fund Law Report published a two-part article on the risks of business email compromise scams:
Eleven Lessons From Cyber Hack That Forced an Australian Hedge Fund to Close.
The article features a lengthy interview with Avi Gesser, a partner in the Debevoise Data Strategy and Security Practice, during which Avi discusses the following 11 lessons from a recent cybersecurity attack on a hedge fund:
- Private Funds Are Attractive Targets
- Business Email Compromise Is a Successful Strategy
- Cyber Criminals Are Smart – and Learning
- Remote Work Has Heightened Cybersecurity Risks
- Relying on Spotting Red Flags Is Not the Best Approach
- Robust Policies and Procedures Are Effective – and Give Employees Cover
- Anything New Should Be Scrutinized
- Culture Can Undermine Strong Policies and Procedures
- Incidents Should Be Used in Cybersecurity Program Reviews
- Third-Party Cybersecurity Matters, Too
- Investors and Regulators Care About Cybersecurity
A full copy of the article is available here.