As private debt grows, so does the threat of cyberattacks. Although it was only recently designated as a specific asset class, private credit has nevertheless been growing by $100 billion a year with estimated assets under management nearly $800 billion. Small and medium-sized companies face the greatest risk of cyberattacks, most of which are financially motivated.

What are the three key reasons for data breaches and how can you prevent them from occurring?

People

This is the biggest threat to a company as simple mistakes or misunderstandings by employees can have dangerous consequences.

In the finance sector, one in three data breaches come from phishing emails, which attempt to extract sensitive information from the recipient while posing as a trustworthy source. The best way to defend against such attacks is to ensure that all staff receive up-to-date and appropriately high levels of training.

It is particularly important to train new staff who may be vulnerable to being targeted. One preventative measure is false phishing tests which alert staff about whether they have passed or failed in order to score and measure their responses and performance.

Policy

A strict and clearly articulated cyber-threat policy can go a long way to preventing a data breach.

It should be an urgent priority to inform employees that using unauthorized removable media, such as USB sticks, is forbidden. Employees should also be sensitized to the dangers to the firm of being targets on social media. They should be also vigilant when using online marketing, which may lead to interaction with anonymous external users.

Technology

The third key reason for data breaches is inherent in the technology companies use to protect themselves. Put simply, the technology used in many firms isn’t good enough.

Most companies have decent firewalls, which use intrusion-detection systems to log activity. However, constant monitoring is required, and this is costly. Similarly, using anti-virus technology that updates every 30 days leaves systems exposed to new threats for the remaining 29 days of the month.

To address these issues, companies must use next-generation technology to prevent breaches. An MDR platform uses machine learning to understand the behavior of users, blocks suspicious activity until it has been resolved and enables the machines to understand the way a company works. Anti-virus software such as Cylance can use live updates to ensure a system will combat new viruses.

With the private debt industry continuing to grow rapidly, it is likely that the risk of cyberattacks will grow proportionately. The cost of overlooking threats will also therefore continue to increase. Yet by ensuring that workforces are trained properly, with strict and understandable policies and next-generation technologies in place, the threats can be significantly reduced.

George Ralph is a managing director at RFA, an IT, financial cloud and cybersecurity provider to the financial services and alternative investment sectors