On 21 January 2016, the Hedge Fund Standards Board (HFSB) published a press release (dated 19 January 2016) summarising lessons learned from its first table top cyber-attack simulation for hedge fund managers in London.

http://bit.ly/1SAnpop

The aim of the simulation was to explore the response of hedge fund managers to three scenarios:

• Data theft and leakage of sensitive data.
• Financial infrastructure attack.
• Crypto-ransomware.

Lessons learned from the simulation included:

• Confusion over responsibilities can prevent an effective response. Cyber security should not be considered as just an IT issue, given the legal, compliance, investor relations and reputational issues involved.
• Certain types of cyber-attacks may exceed a manager’s internal response capabilities. They should be prepared to quickly obtain external legal and IT expertise.
• It is important to prepare in advance using a cyber-security incident response plan.

In September 2015, the HFSB published a memo on cyber security for hedge fund managers

• http://hfsb.org/?page=13064

ALSO FSA & FCA good practices in managing data security risk  should be considered

• https://www.the-fca.org.uk/data-security?field_fcasf_sector=286&field_fcasf_page_category=unset
• https://www.fca.org.uk/static/documents/fsa-data-security-factsheet.pdf