"People are easier to hack than systems, therefore keep on investing in awareness training"

In today's fast-paced financial landscape, where data is the new currency, Private Equity (PE) firms are standing at a crucial crossroads—juggling the demands of innovation while safeguarding their digital assets. With cyber threats growing more sophisticated, PE firms face the challenging task of finding equilibrium. We spoke to Nigel Diesveld, CFO at pan-European private equity HPE Growth and a featured speaker at our upcoming Zero One Hundred Conferences webinar, "How to Secure Data and Protect Investors," scheduled for Wednesday, October 11th, at 4:30 PM CEST. In this interview, we dive into the pressing cybersecurity concerns affecting investors and explore strategies to mitigate these risks.

What new risks and cybersecurity challenges are currently impacting private equity funds?

Private equity funds, like other financial institutions, face a growing number of cybersecurity risks and challenges. This includes phishing attacks, ransomware, and data breaches. Especially regarding phishing e-mails, we see the number of attempts going up significantly. The e-mails we receive are getting much more sophisticated. One of the reasons is that hackers make use of AI. ChatGPT serves well to quickly create template phishing e-mails and to check on grammar. This enables hackers to send out much more (reliable looking) phishing e-mails.

Also working remotely has increased cybersecurity risks and challenges. Typically home offices are less secure compared to an office environment: Limited password complexity is required on your home wi-fi, less robust firewall, etc. Especially logging into public wi-fi increases the risk of getting hacked.       

What can Private Equity firms do to prevent these threats?

Phishing e-mails

A quick win is enabling MFA. Even if a hacker comprises log-in details, with MFA it’s still quite difficult to get into the system.

Another quick win is enabling First Contact Safety Tip (from Windows). It shows when you receive an e-mail from someone you normally don’t receive e-mails from. That helps you recognize someone that pretends to be someone you know.

People are easier to hack than systems, therefore keep on investing in awareness training. “Think before you click.” Explain the risks of phishing, recognizing phishing attempts, etc.

Employees should directly file the phishing e-mail to ‘junk’ to avoid receiving it again.

Working remote

Enhance remote work security measures, including secure VPNs, encrypted communication, and device management for remote employees. In addition, educate employees on remote work security practices.

How should PE firms balance digital innovation with effective cybersecurity? 

I think both are about equally as important for PE firms. It is needed to be innovative to stay ahead of the competition while at the same, time it’s crucial for a PE firm to protect its assets and to protect sensitive data. Therefore, balancing the 2 is an ongoing process.

When considering kicking off a digital innovation project, it’s important to balance the benefits versus the security risks. Therefore, it’s important to involve IT / IT security experts early in the process to assess and address security implications.

The focus should be around data. Will it be stored at the third-party vendor? And is the vendor able to provide assurance regarding the security of their services?

Don’t forget that digital innovation definitely also has an opportunity to make your cybersecurity more effective! AI/ML for example can analyze large amounts of data to detect patterns that are indicative of cyber threats.

Nigel Diesveld, will be speaker at the Zero One Hundred Conferences webinar "How to Secure Data and Protect Investors" with other top industry speakers such as Paul Harragan, Portfolio's Global Cybersecurity Lead at KKR, Julia Dudenko, CISO at Haniel, and Thomas Baasnes, Cybersecurity Director at Verdane. The event will be moderated by Paul Loefstedt, Principal Solutions Consultant at SS&C Intralinks.

The online event will be held on Wednesday, October 11th, at 4:30 PM CEST.

Free registration here

 

Blog

Other news you might be also interested in

Insights from Cardumen Capital: Leveraging Cross-Border Synergies and Innovation to Transform Venture Capital

From pioneering AI-driven evaluation techniques to fostering innovation in DeepTech, AgriFoodTech, and beyond, Igor de la Sota, Founder and General Partner of Cardumen Capital, offers a glimpse into the insights he will discuss during the panel, “How Venture Capital Funds Can Improve Deal Origination: Innovative Tools and Techniques,” at the 0100 DACH conference in Vienna, taking place from February 18–20. He will share the stage with Henric Hungerhoff, Founding General Partner at HEARTFELT_, Rune Theill, CEO and Co-Founder at Rockstart, and Christian Claussen, General Partner at Ventech.

Vahit Alili from Schroders: Harnessing Fund-of-Funds and Co-Investments for Mid-Market Private Equity Success

Vahit Alili, Senior Investment Director in Private Equity at Schroders Capital, shares his perspective on the evolving private equity landscape in the DACH region. Speaking ahead of his appearance at the 0100 DACH Conference, Vahit discusses the challenges and opportunities in 2024, his outlook for 2025, and the critical role of portfolio diversification through Fund-of-Funds (FoF) and co-investments. With insights into mid-market dynamics, the importance of specialist managers, and strategies to align investor and GP interests, this conversation offers valuable guidance for navigating the complexities of the private equity market.

Transforming Sustainability at Ardian into a Core Driver of Operational Excellence and Value Creation

Ardian has been at the forefront of integrating ESG into its investment strategies since 2008, transforming sustainability from a “soft topic” to a core driver of operational excellence and value creation. In this interview, Louise Doucet from Ardian discusses the firm’s comprehensive approach to ESG across its investment cycle, the challenges of ESG reporting in private markets, and the growing role of sustainability in valuations and exit opportunities. She also shares insights into the evolving ESG landscape, including trends in the DACH region and the future of responsible investing.