Call Us
Contact Us
Request A Demo
Contact Us
Request A Demo
Home > Resources > Insights

Insights

The cyber landscape never stops shifting – and neither should your perspective. Our Insights bring you expert commentary, thought leadership and practical guidance on the issues shaping the alternative investments sector. Stay ahead of regulators, satisfy investors, and strengthen your resilience with analysis from the team that knows your world best.

  • Two professionals reviewing cybersecurity and operational risk documentation in a modern office

    Cyber Risk Intelligence: Turning Data into Resilience for Alternative Investments

    By Eric Bernstein, CEO, Drawbridge Why intelligence-led approaches are essential to meet rising threats, regulatory demands and investor expectations The alternative investment industry is entering a new era of scrutiny. Regulators, investors and counterparties are paying closer attention to how firms manage operational risk, and cybersecurity sits at the heart of that conversation. Threat actors…

    Read more: Cyber Risk Intelligence: Turning Data into Resilience for Alternative Investments
  • Professional reviewing cybersecurity risk metrics on a printed report, reflecting Drawbridge’s technology-driven approach to monitoring, assessing, and managing security risk for alternative investment firms.

    Cyber Security Scoring: A Smarter Way to Benchmark Risk

    By Art Murphy A few weeks ago, I sat down with a table full of C-level execs from private equity and hedge funds. The conversation went wide from SEC prep (of course) to cyber hygiene, and then someone mentioned an LP asking about their Drawbridge Score and the whole table paused. No one asked, “What’s that?” They…

    Read more: Cyber Security Scoring: A Smarter Way to Benchmark Risk
  • A business professional reviewing cybersecurity performance metrics on a tablet during a meeting, illustrating data-driven cyber resilience discussions within an investment firm.

    From Compliance to Confidence

    Cyber Resilience as a Strategic Advantage in Alternative Investments By Eric Bernstein, CEO, Drawbridge We continue to see the topic of cybersecurity move from the back office to the investment committee. What was once a compliance obligation is now a defining factor in investor trust and capital allocation. For alternative investment firms, cyber resilience has…

    Read more: From Compliance to Confidence
  • investment advisors

    SEC Cybersecurity

    Where do you stand, and what’s coming for investment advisors? What you should know For firms with assets over $1.5bn, the changes to Regulation S-P will take effect on December 3rd, 2025. In combination with the 2025 SEC Examination Priorities, there is work to be done to meet both the rule and guidance from the…

    Read more: SEC Cybersecurity
  • Padlock protected laptop

    Is AI the death of “Trust but Verify” Cybersecurity?

    Cyber security risk assessments take multiple staff members time to complete. Even once that time has been accounted for (usually with HR, Operations, IT and Legal involved) you still need someone to manage the results. You’ll often have remediation work for the IT team, remediation work for HR, and need someone to oversee those actions…

    Read more: Is AI the death of “Trust but Verify” Cybersecurity?

  • Drawbridge Receives SOC 2 Type II Attestation

    We are proud to share we have completed our SOC 2 Type II audit. This attestation provides evidence that Drawbridge continues to focus on our strong commitment to security, but also to delivering first class services to our clients by demonstrating we have the necessary internal controls and processes in place to support our clients…

    Read more: Drawbridge Receives SOC 2 Type II Attestation
  • A cyber defense shield being targeted by a breach

    Linedata Breach – August 11th, 2025

    Linedata’s Icon was targeted in a cyber attack on 11th August, 2025. The attack has resulted in reported outages of Icon while the investigation and recovery process are in progress. Their official statement is available here. The attack highlights that firms should always remain vigilant to an often-quoted phrase, “It’s a matter of when you’ll…

    Read more: Linedata Breach – August 11th, 2025
  • Nearly Half of Portfolio Companies Skip Critical Cyber Testing. What Does That Mean for Your Portfolio?

    Nearly Half of Portfolio Companies Skip Critical Cyber Testing. What Does That Mean for Your Portfolio?

    In an evaluation of 1,000 cyber risk assessments, 48% of firms performed external penetration testing less than once a year, if at all. That’s a staggering gap, especially in an industry where timing and risk precision are everything. For private equity firms, this is more than a cybersecurity concern. It’s a portfolio-level business risk. One…

    Read more: Nearly Half of Portfolio Companies Skip Critical Cyber Testing. What Does That Mean for Your Portfolio?
  • AI governance isn't a “set it and forget it” exercise. As AI capabilities evolve, so too must your approach to managing them. Firms that build agility into their governance—through frequent policy reviews, cross-functional collaboration, and continuous education—will be best positioned to harness AI’s benefits without falling prey to its risks. In a landscape where regulators are watching and technology is shifting by the minute, proactive AI risk management is no longer optional—it’s a core business responsibility.

    AI is moving fast—are your policies keeping up?

    Are you treating AI like a helpful assistant—or a ticking time bomb? AI is making our lives easier, no question. However, when introduced into the workplace without clear oversight, it can pose serious risks to your business—from regulatory exposure to cybersecurity threats. AI Risk Management Starts with Clear Policies and Communication Drawbridge’s Simon Eyre and…

    Read more: AI is moving fast—are your policies keeping up?
  • DORA Preparation Check List

    DORA Preparation Check List

    The Digital Operational Resilience Act (DORA) has officially been in effect since 17 January 2025, following a two-year lead-up period—but many organizations are still playing catch-up. Although DORA is an EU regulation targeting the financial sector, including alts, its reach extends beyond Europe. U.S.-based companies that provide services to EU financial institutions, including subsidiaries, are…

    Read more: DORA Preparation Check List
  • cyber insurance

    One Strategy That Could Cut Your Cyber Insurance Costs by 15–20%

    We’re entering uncharted waters in the cyberspace, and hackers are ready to rock the boat. Alternative investment markets are overcrowded with providers, each offering a unique kind of expertise and service, and each just as important as the next. With so many different providers to choose from, it’s becoming increasingly difficult to pinpoint risks. The…

    Read more: One Strategy That Could Cut Your Cyber Insurance Costs by 15–20%

  • Shifting Cyber Readiness into the Front Office

    Cybersecurity has transformed from a once-a-year process to an ongoing effort. Managing risk has become increasingly digital and complex within alternative investment environments. Nowadays, it’s not just regulators you need to impress but your investors as well. In our latest webinar, Drawbridge’s Simon Eyre (CISO) and Louis Cordone (Head of Client Success) sat down together…

    Read more: Shifting Cyber Readiness into the Front Office