Insights

CYBERSECURITY NEWS: SEC Observations

January 27, 2020

SEC OCIE Publishes Observations on Cybersecurity and Resiliency Practices On Monday, January 27th 2020, the U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (“OCIE”) issued examination observations related to cybersecurity and operational resiliency practices. The observations focus on the following areas: Governance and Risk Management Access Rights and Controls Data Loss Prevention…

Read More

Drawbridge Partners Appoints Dan Lyons Vice President of Business Development

January 21, 2020

Business Development Professional Joins Drawbridge as Market Demand and Expanded Software Portfolio Drive Explosive Company Growth Drawbridge Partners, a premier cybersecurity software and services firm specializing in the needs of hedge fund and private equity managers, today announced the appointment of Dan Lyons as Vice President of Business Development. Lyons will be responsible for driving…

Read More

Cybersecurity News: SEC & CFTC Update

January 8, 2020

Cybersecurity News Alert 2020 SEC EXAMINATION PRIORITIES On Tuesday, January 7th 2020, the U.S. Securities and Exchange Commission (the “SEC”) released the examination priorities for 2020. The SEC has shifted their examination priorities from years past in an effort to adapt to emerging risks, but cybersecurity continues to remain a top priority for the SEC.…

Read More

Drawbridge Partners Expands Cybersecurity Offering with Launch of DrawbridgeConnect-R™ Platform

November 6, 2019

Drawbridge Partners Expands Cybersecurity New Vulnerability Management as a Service (VMaaS) platform offers firms comprehensive vulnerability scanning, remediation and reporting Drawbridge Partners, a premier cybersecurity software and services firm specializing in the needs of hedge fund and private equity managers, today announced the launch of DrawbridgeConnect-R™, a Vulnerability Management as a Service (VMaaS) platform.  DrawbridgeConnect-R…

Read More

Drawbridge Partners Wins ‘Best Cyber-security Solution’ at the 2019 HFM European Hedge Fund Technology Awards Ceremony

September 24, 2019

Drawbridge Partners, a premier cybersecurity services firm specializing in the needs of hedge fund and private equity managers,is proud to have won ‘Best Cyber-security Solution’ at the 2019 HFM European Hedge Fund Technology Awards. Winners are determined based on the views of the CTO judging committee and a polling of the HFM Technology readership.

Read More

DRAWBRIDGE PARTNERS INTRODUCES DRAWBRIDGECONNECT™ PLATFORM

August 13, 2019

 Management Platform Offers Firms Complete Oversight of Cybersecurity Programs, Provide Investor Base with Evidence of Regulatory Compliance, Protect Against Real-time Threats and Manage Third Party Vendor Risk    Drawbridge Partners, a premier cybersecurity services firm specializing in the needs of hedge fund and private equity managers, today announced the launch of DrawbridgeConnect™, an automated management…

Read More

Stop Hacks and Improve Electronic Data Security Act (SHIELD Act)

July 31, 2019

On July 25, 2019, the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) and the Identity Theft Prevention and Mitigation Services Act were signed into law in the State of New York. Both Acts strengthen cybersecurity and consumer privacy protections for New York state residents. The SHIELD Act The SHIELD Act amends New…

Read More

SEC OCIE RISK ALERT

May 23, 2019

On May 23, 2019, the Securities and Exchange Commission’s (the “SEC”) Office of Compliance Inspections and Examinations (“OCIE”) released a new risk alert identifying security risks associated with the storage of electronic customer records and information in various network storage solutions, including cloud-based storage. Some of the concerns brought to light from recent examinations were…

Read More

CYBERSECURITY RISK ALERT: WhatsApp Vulnerability

May 14, 2019

Yesterday, various governmental agencies and news outlets were made aware of a security vulnerability affecting the WhatsApp messaging platform. The vulnerability may have enabled malicious actor(s) to inject spyware on user devices which potentially exposed user information on mobile devices. WhatsApp has encouraged users to update the application immediately to avoid potential exposure and compromise of data.…

Read More

PRESS RELEASE: DRAWBRIDGE PARTNERS ANNOUNCES THE ACQUISITION OF inCYBER SECURITY ADVISORY BUSINESS

May 8, 2019

STAMFORD, CT, May 8, 2019 – Drawbridge Partners, a premier cybersecurity consulting firm specializing in the needs of hedge fund and private equity managers, today announced the acquisition of inCyber Security, inCyber Compliance’s  consultancy division. The acquisition gives Drawbridge Partners a portfolio of high-profile and long-term clients as the firm continues its impressive growth and focus…

Read More

Hedge Funds Besieged by Hackers on Daily Basis

May 1, 2019

By David Beach — May 1,2019 Hackers are exploiting inherent weaknesses in mature hedge funds on a daily basis, say a security vendor and the chief technology officer of an established fund, leading to huge boosts in cybersecurity spending. “Hedge funds are being targeted simply because of cash movements where frequent large transfers are normal at…

Read More

CYBERSECURITY RISK ALERT: Broadcom Wi-Fi

April 18, 2019

CYBERSECURITY RISK ALERT – DRAWBRIDGE PARTNERS For individuals using Broadcom Wi-Fi, on April 17, 2019, the CERT Coordination Center (“CERT/CC”) published information identifying various vulnerabilities stemming from the Broadcom ‘w1’ driver and open source ‘brcmfmac’ driver for Broadcom Wi-Fi chipsets. Ultimately, these vulnerabilities could allow an unauthenticated attacker to execute arbitrary code on a vulnerable…

Read More

CYBERSECURITY RISK ALERT: SEC Regulation S-P Risk Alert

April 16, 2019

Today, April 16, 2019, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) published a risk alert regarding compliance issues related to Regulation S-P. The focal points identified by the OCIE were the failure to provide customers with privacy and opt-out notices, as well as the failure to adopt written policies and procedures that address…

Read More

Drawbridge Partners Appoints Viktor Tadijanovic Chief Technology Officer

April 1, 2019

Renowned Technologist and Platform Creator, Viktor Tadijanovic, Joins Drawbridge Executive Leadership Team Drawbridge Partners, premier cybersecurity consulting firm specializing in the needs of hedge fund and private equity managers, has announced the appointment of Viktor Tadijanovic as Chief Technology Officer. In this role, Mr. Tadijanovic will oversee the company’s overall technology strategy and lead the…

Read More

How Private Equity Firms Can Mitigate Portfolio Company Cybersecurity Risk

March 27, 2019

Driven by investors’ demands and regulatory expectations, private equity firms have made significant progress in protecting their data. However, many of their portfolio companies don’t have those same incentives and have not put the same level of cybersecurity protections in place. In a guest article, Jason Elmer, the managing partner at Drawbridge Partners, explains how…

Read More

CYBERSECURITY RISK ALERT: GOOGLE CHROME VULNERABILITY

March 8, 2019

Recently, Google identified a zero-day vulnerability affecting Chrome internet browsers. The vulnerability is a memory management error which could allow a remote attacker to read the contents of files stored on a user’s computer. Google addressed the vulnerability in Chrome version 72.0.3626.121. Check if your Chrome browser is up-to-date:

Read More

CYBERSECURITY RISK ALERT: CISCO WEBEX VULNERABILITY

March 1, 2019

Cisco has identified a vulnerability in its Webex Meetings Desktop App and Webex Productivity Tools. By invoking the update service command with a crafted argument, an authenticated, local attacker could run arbitrary commands with SYSTEM level user privileges. The vulnerability may also be exploited remotely in Active Directory deployments by leveraging operating system remote management…

Read More

CYBERSECURITY RISK ALERT : Cisco Webex Alert

February 28, 2019

Cisco Webex Cybersecurity Alert: Cisco has identified a vulnerability in its Webex Meetings Desktop App and Webex Productivity Tools. By invoking the update service command with a crafted argument, an authenticated, local attacker could run arbitrary commands with SYSTEM level user privileges. The vulnerability may also be exploited remotely in Active Directory deployments by leveraging…

Read More

CYBERSECURITY NEWS ALERT: CFTC’s First Ever Examination Priorities

February 26, 2019

On February 12, 2019, the Commodity Futures Trading Commission’s (“CFTC”) released its first ever examination priorities for registrants of the Division of Market Oversight (“DMO”), Division of Swap Dealer & Intermediary Oversight (“DSIO”), and Division of Clearing & Risk (“DCR”). A notable inclusion in the examination priorities is service provider oversight.

Read More

CYBERSECURITY RISK ALERT: Microsoft Internet Explorer Vulnerability

February 13, 2019

Microsoft has recently identified a vulnerability (CVE-2019-0676) within Internet Explorer (“IE”). When IE improperly handles objects in memory, it is possible for an attacker to test for the presence of files on disk. Attackers can exploit this vulnerability by sending the user a link leading to a malicious website, and coercing them to follow the…

Read More