For an investment manager, the consequences of a cyberattack can be devastating. “It is not just about alerting investors to data breaches. If, due to a cyberattack, systems are completely shut down for a week or two, and fund managers cannot trade, they cannot fulfil their fiduciary duty to investors,” says Edward Sadtler, head of the Intellectual Property, Sourcing & Technology group, and a member of the Cybersecurity & Data Privacy group, at Schulte Roth and Zabel.

Cyberattacks are hitting many parts of the financial industry, including hedge funds. In November 2020, reports surfaced of a potent attack against an Australian hedge fund initiated through a false Zoom invite that led to the loss of millions of dollars and ultimate closure of the fund. “The incident is just one example of increasingly sophisticated cyberattacks taking place all over the world. Hedge funds are particularly vulnerable, because they handle large amounts of money – but may have cybersecurity operations that are lean relative to large financial institutions,” Sadtler points out.