Security
-
Cyber Risk Intelligence: Turning Data into Resilience for Alternative Investments
By Eric Bernstein, CEO, Drawbridge Why intelligence-led approaches are essential to meet rising threats, regulatory demands and investor expectations The alternative investment industry is entering a new era of scrutiny. Regulators, investors and counterparties are paying closer attention to how firms manage operational risk, and cybersecurity sits at the heart of that conversation. Threat actors…
-
Cyber Security Scoring: A Smarter Way to Benchmark Risk
By Art Murphy A few weeks ago, I sat down with a table full of C-level execs from private equity and hedge funds. The conversation went wide from SEC prep (of course) to cyber hygiene, and then someone mentioned an LP asking about their Drawbridge Score and the whole table paused. No one asked, “What’s that?” They…
-
From Compliance to Confidence
Cyber Resilience as a Strategic Advantage in Alternative Investments By Eric Bernstein, CEO, Drawbridge We continue to see the topic of cybersecurity move from the back office to the investment committee. What was once a compliance obligation is now a defining factor in investor trust and capital allocation. For alternative investment firms, cyber resilience has…
-
Is AI the death of “Trust but Verify” Cybersecurity?
Cyber security risk assessments take multiple staff members time to complete. Even once that time has been accounted for (usually with HR, Operations, IT and Legal involved) you still need someone to manage the results. You’ll often have remediation work for the IT team, remediation work for HR, and need someone to oversee those actions…
-
Drawbridge Receives SOC 2 Type II Attestation
We are proud to share we have completed our SOC 2 Type II audit. This attestation provides evidence that Drawbridge continues to focus on our strong commitment to security, but also to delivering first class services to our clients by demonstrating we have the necessary internal controls and processes in place to support our clients…
-
Linedata Breach – August 11th, 2025
Linedata’s Icon was targeted in a cyber attack on 11th August, 2025. The attack has resulted in reported outages of Icon while the investigation and recovery process are in progress. Their official statement is available here. The attack highlights that firms should always remain vigilant to an often-quoted phrase, “It’s a matter of when you’ll…
-
Nearly Half of Portfolio Companies Skip Critical Cyber Testing. What Does That Mean for Your Portfolio?
In an evaluation of 1,000 cyber risk assessments, 48% of firms performed external penetration testing less than once a year, if at all. That’s a staggering gap, especially in an industry where timing and risk precision are everything. For private equity firms, this is more than a cybersecurity concern. It’s a portfolio-level business risk. One…
-
Shifting Cyber Readiness into the Front Office
Cybersecurity has transformed from a once-a-year process to an ongoing effort. Managing risk has become increasingly digital and complex within alternative investment environments. Nowadays, it’s not just regulators you need to impress but your investors as well. In our latest webinar, Drawbridge’s Simon Eyre (CISO) and Louis Cordone (Head of Client Success) sat down together…
-
The Cyber Security Ecosystem: Trust but Verify
In cybersecurity, independence doesn’t mean going it alone—it means making informed decisions while leveraging a strong network of trusted providers. Alternative investment firms depend on Managed Service Providers (MSPs), cyber risk advisors, and compliance experts to enhance their security, but they must also maintain autonomy in assessing risks, implementing best practices, and verifying protections. This…
-
Impersonation Scams on Messaging Apps
A noticeable uptick in impersonation scams has raised concerns among organizations that regularly interact with clients and potential investors. Armed with basic reconnaissance and alternative communication platforms like WhatsApp and Telegram, malicious actors pose as legitimate company representatives, duping unsuspecting targets into disclosing sensitive information or investing money under false pretenses. Below is a concise…
-
ON-DEMAND: Cyber Readiness Redefined: Building Confidence for Investors and Managers
Gone are the days of annual cybersecurity reviews. As investor expectations evolve, cybersecurity readiness has become a critical component of risk management and protecting returns. In this webinar, our CISO, Simon Eyre, and Head of Client Success, Louis Cordone, share actionable strategies for mitigating cyber risks in today’s dynamic investment landscape. Key takeaways: Practical methods…
-
What is Salt Typhoon?
An advanced persistent threat (APT) group identified by Microsoft as “Salt Typhoon” has been credited with recent attacks against global communications networks, including internet service providers and telephone companies. U.S. officials claim the group has likely links to the Chinese Ministry of State Security, China’s principal civilian intelligence service responsible for foreign intelligence, counterintelligence, and…
