Click here to see findings from the survey.
The pfm and eSentire cybersecurity survey asked respondents, among other questions, how prepared they were for a future cyber-attack, but the results were not heartening.
A significant majority of respondents (66 percent) have only a partially implemented cybersecurity program. Only 23 percent have a fully operational program that is compliant with SEC guidelines, which is surprising given that 53 percent cited regulatory compliance on cybersecurity as most important to their firm. Only a small percentage of firms rate awareness training, and continuous monitoring and reporting to be most important.
Even among respondents with operational cybersecurity programs, it is a relatively recent addition to the business – 43 percent have had it in place for between one and two years and only 23 percent for more than two years. Generally speaking, these programs are not expected to be a permanent fix, with one-third of respondents replying that they expect obsolescence within a year and a further 49 percent expecting a lifetime of no more than two years.
Respondent firms appear to not be reviewing their cybersecurity processes regularly enough – only 7 percent review on a monthly basis and the majority (57 percent) do so annually.
One reason why firms have not been proactive in implementing fully operational cybersecurity program may be the seeming indifference of investors on the matter. Just over half of funds surveyed say that their LPs comment only occasionally on their cyber readiness, 20 percent say their LPs never mention it at all and just 27 percent of respondents say that all their LPs enquire about it. This is perhaps why 54 percent do not believe that having a robust cybersecurity program will give them a strategic or competitive advantage in the marketplace over the next two years. The survey polled nearly 100 fund managers in fields including the buyout, real estate and infrastructure sectors.
The full survey, Cybersecurity in Private Equity: How Prepared is The Industry?, is available here.
If you do not receive this within five minutes, please try to sign in again. If the problem persists, please email: