Cybercriminals are increasingly relying on social engineering to attack corporate systems. Certain types of companies such as hedge funds are particularly vulnerable, given that they typically lack extensive in-house cybersecurity expertise, deal with large sums of capital and have relationships with powerful clients and individuals. Social engineering fraud poses a number of risks to fund managers. Fortunately, managers can mitigate these risks by training employees, instituting multi-factor authentication, adopting verification procedures, limiting user access and monitoring cybersecurity regulations. In addition, managers are increasingly able to rely on insurance to cover social engineering fraud losses. In a guest article, Ron Borys, senior managing director in Crystal & Company’s financial institutions group, and Jordan Arnold, executive managing director in K2 Intelligence’s New York and Los Angeles offices and head of the firm’s private client services and strategic risk and security practices, examine the risks of social engineering fraud, how fund managers can prevent it and how insurance policies can be used to protect against related losses. See also “What the Financial Industry Should Know to Recognize and Combat Cyber Threats (Part One of Two)
” (Jul. 26, 2017); Part Two
(Aug. 9, 2017).