How family offices and clients can address cyber risks
By Julie Neitzel
Wealthy individuals always have been targets for vandals and thieves, but the rise of the internet, electronic tools and new technology options have provided new ways for criminals to operate, generally in anonymous ways. Cyberattacks are becoming more pervasive.
In 2015, the Internal Revenue Service reported thieves stole tax information from 100,000 households; hackers raided eBay in a historic breach of 145 million records; 52,000 New York taxis had data about passengers and their credit card information compromised; Anthem health insurance was tapped for 80 million users’ personal information (health records, credit card data, etc.).
More and more, the family office team needs to focus on cybersecurity in its function as key risk manager for the family. Why should the family office be concerned about cyber intrusions? While there are many reasons, the key ones include theft, privacy and maliciousness.
Cyber theft occurs in many ways: unauthorized bank account access, credit card fraud, unauthorized IRS personal information access, private medical record access, identity theft, damaged reputation through social media hijacking, loss of competitive business information and more.
Privacy of family wealth can be threatened when cyber thieves extract details that can be used to harm family members, the family business and/or money. Maliciousness can result when hackers access data or websites to destroy, deviate or redirect users to different websites.
Every individual working in the family office and every family member should participate in regular training to increase their cyber awareness. Many private banks, such as J.P. Morgan, offer education for individuals and family groups. Younger generations tend to be higher technology users, but they might not be aware of the risks posed by social media, email, credit cards and ATMs.
Take inventory of devices that are vulnerable to hackers: smartphones, tablets, and desktop and laptop computers. Also, home technology such as “nanny cameras” and “smart home” devices can pose risks. Even digitally connected vehicles can be susceptible.
Consider, too, the access points that present risk. Wireless routers create opportunities for hackers to tap into home computer networks. Public Wi-Fi networks, such as those found in airports, hotels and coffee shops, are laden with threats because cyber criminals can easily access passwords and personal information from unsuspecting users.
Indeed, passwords are always a point of risk to the security of email accounts, online banking sites and other websites, especially if they are written down and available for others to access. Family office staff should avoid using personal email accounts, visiting certain websites and using unknown internet networks – all present risks to family office technology.
Family offices should consider the development of a cyber protection plan that includes the following:
• A written cyber policy that defines how the family and staff will communicate on the internet, with special attention paid to public Wi-Fi access, private networks, password policies, social media use, payment authorization and review processes.
• Assessment of encryption tools, identity protection services, data backup systems and network monitoring.
• Completing background checks regularly on employees and vendors, or using firms that provide proof of a background check process. Starting the family office planning process with a vulnerability assessment will provide valuable insights into the highest risk areas and create a framework for the development of a cyber protection plan.
Cyber risks are here to stay and will continue to evolve as criminal enterprises expand. Cyber crime is a highly specialized and technical field, and it’s best to retain a consultant to support the family office team. The best defense plan is to find the optimal balance of access and protection for family members, the family office team, the business itself and future generations. ↵
Julie Neitzel is a partner and adviser with WE Family Offices in Miami and a board member of the Miami Finance Forum. Contact her at Julie.Neitzel@wefamilyoffices.com or 305.825.2225.