The added surface area required to support investment teams working remotely during the last two years has contributed to increased attack frequency and severity, according to our newly published 2023 Hedge Fund Cybersecurity Trends Report.

Conducted in Q1 of this year, the 2023 Hedge Fund Cybersecurity Trends Report captures the opinions and perceptions of recent, current, and future cybersecurity programs, readiness, and initiatives from 100 hedge fund practitioners spanning the technology, operations, cybersecurity, and compliance fields.


While the frequency of cyber-attacks during the last two years rose for just under a quarter of respondents (22%), the time and resources required to resolve successful attacks jumped for more than half of the firms that responded (51%).

And while 78 percent of respondents reported attack frequency stayed about the same or decreased in the last two years, a much higher percentage of firms that manage cyber programs internally reported attack increases (39%) compared to those who outsourced some or all their programs (19%).

That’s one of several insights captured about the state of cybersecurity programs and initiatives across the hedge fund industry in an already turbulent year. So far this year, the White House has urged private sectors to harden their cyber defenses immediately and the U.S. Securities and Exchange Commission (SEC) has announced it will usher in sweeping new cybersecurity risk management rules aimed at improving the industry’s cyber strength and posture.

A few other key observations in this year’s survey were that the industry overwhelmingly views the convergence of technology and cybersecurity teams as a necessity in the post-pandemic, work-from-anywhere environment.

That view was especially prominent among the 92 percent of respondents who told us they believe business technology and security operations—or what we refer to as extended detection & response (XDR)—services through the duration of this report) should be managed by the same team.

Respondents also indicated an incredibly high appetite for cycling through cybersecurity governance providers. In fact, 100 percent of firms using an outside consultant for governance reported they were likely to switch providers within the next two years. For security operations (or XDR) services, which are widely viewed as an integral component of a firm’s technology environment, the appetite for a change in service providers dropped to 81 percent.

See also  Guide to Managed IT, Cybersecurity Operations & Cyber Governance

The report breaks down respondent answers across several demographics—seniority level, functional role, number of employees, years in operation, and assets under management—to provide you with a more detailed view of how you and your firm’s cybersecurity programs and practices measure up with your peers.

We hope this will offer you a benchmark to measure your own firm’s cyber programs and readiness as you prepare to address growing scrutiny of your cyber posture from regulators and investors alike.

Download the full 2023 Hedge Fund Cybersecurity Trends Report to read more.


2022 hedge fund cybersecurity trends report5