Redpave Security

Securing your family's legacy in the digital age.

How a cybersecurity framework can benefit your family office

What is a cybersecurity framework?

A cybersecurity framework is a set of documents defining the best practices an organization follows to manage its cybersecurity risk. Adopting such a framework reduces an organization's exposure to vulnerabilities.

A cybersecurity framework can be used to:

  • Understand the current security status.
  • Establish or improve a cybersecurity program.
  • Communicate cybersecurity requirements to stakeholders.
  • Identify opportunities for new or revised standards.
  • Prioritize improvement activities.
  • Support investment decisions that address gaps.

The three most prominent frameworks are:

In our experience the CIS framework is the most effective for family offices, as the other frameworks are designed for critical infrastructure and therefore have far more granular requirements (which results in increased complexity and cost).

The Center for Internet Security Critical Security Controls (CIS)

The CIS Controls were created in the late 2000s by a coalition of volunteer experts to provide a framework for protecting organizations from cybersecurity threats. The framework comprises 20 controls that are regularly updated by experts from government, academia and industry so that they stay current with the evolving threat landscape.

CIS works well for organizations that want to start with small steps. The controls are divided into three groups: organizations start with the basic controls, then move on to the foundational controls and finally to the organizational controls.

CIS also publishes benchmarks: guidelines based on commonly used standards such as NIST and HIPAA that not only map security standards to help organizations comply with them, but also offer baseline security configurations for those who do not require compliance but want to improve their security.

NIST Cybersecurity Framework

Identify

Understand how to manage cybersecurity risks to systems, assets, data and capabilities. Have you considered specific kinds of cyber attacks? Different types of attacks may demand different responses; a ransomware attack, for example, raises questions about backup policies, such as whether information is backed up thoroughly and held offline. Risk assessments should be conducted regularly to design and implement a comprehensive risk management strategy.

Protect

The controls and safeguards necessary to protect against or deter cybersecurity threats. Are controls in place, and have employees been trained on them? Establishing access controls for sensitive information and training employees and service providers on the safeguards will help maintain a cybersecurity program that protects the organisation from internal and external threats. To test the effectiveness of such controls and training, regularly scheduled phishing tests or tabletop exercises are recommended to see how the organisation fares in response to attacks and breaches.

Detect

Continuous monitoring that provides proactive, real-time alerts of cybersecurity-related events. Are forensic capabilities in place that will detect anomalies, fraudulent activity or data theft? A robust data security program should include forensics and monitoring that help not only to detect a cyber attack or breach, but also to analyse and understand it once discovered.

Respond

Incident-response activities. Is an incident response team in place, and does the team have a playbook to follow in the event of a breach? A cross-disciplinary team should be in place to receive reports, investigate potential breaches and respond to confirmed breaches. Response plans and playbooks should clarify roles and responsibilities, including how the family will be notified, whether law enforcement will be contacted and who will assess the other legal notification requirements that may be triggered.

Recover

Business continuity plans to maintain resilience and restore capabilities after a cyber breach. If a severe cyber attack renders the family office's network unusable, how quickly can the network be shut down and brought back into operation? Recovery planning should cover not only the procedures for responding and keeping the organisation resilient, but also how lessons learned from "near misses" are incorporated to close data security gaps and reduce future risk.

Conclusion

Family offices can benefit greatly from the established best practices captured in cybersecurity frameworks.