Family Offices Are Getting Hacked. That Should Alarm RIAs.

Cyber criminals seek chaos and prizes. Where those come from, they don’t care.

(SeongJoon Cho/Bloomberg)

(SeongJoon Cho/Bloomberg)

The Covid-19 pandemic has forced employees to work from home and accelerated wealth management’s technology trends that were already underway. But new threats have come with that evolution. Family offices are facing new risks, according to a recent report, and other wealth managers can be subject to those, too.

Twenty-six percent of family offices have suffered a cyberattack and almost two-thirds of those incidents happened within the last 12 months, according to a recent survey led by Boston Private, the publicly-traded company that offers wealth management, trust and banking services, and manages over $14 billion.

The survey was completed by 200 single- and multi-family offices with between $100 million and $5 billion in net worth. Participants submitted responses between May and August of this year.

“John D. Rockefeller, and other magnates of his era, used family offices to oversee their vast fortunes. However, Rockefeller’s family office never had to deal with cyber ransomware attacks or privacy breaches stemming from the social media accounts of his children,” the report says.

[Like this article? Subscribe to RIA Intel’s’ twice-weekly newsletter.]

Family offices underestimate the likelihood and severity of a cyberattack. Smaller and newer ones seem especially vulnerable; 38% expect a cyberattack would have a “major or catastrophic impact” on them compared to 52% of larger family offices. That likely explains why 60% of larger and older family offices are more likely to have implemented protective cybersecurity measures, compared to 31% of newer and smaller ones.

Some family offices were ill-prepared for threats under the work circumstances forced by the pandemic. According to the report, 29% did not have a business continuity plan in place before the pandemic and 27% said “implementing secure remote working protocols is one of their top risk management challenges.”

In addition to acknowledging those shortfalls, 47% of family offices said underestimating cyber threats is “obstructing the implementation of risk management in their family office” and 41% said “complacency is an obstacle to the implementation of risk management measures.”

Despite those results, 54% of family offices still said they were prepared for cyber risks to their organization in the coming year, and 38% said they were “somewhat prepared.”

“These findings strongly suggest that many family offices are overestimating their risk management capabilities, especially when taken with other findings on the risk management challenges faced by family offices,” the report says.

Like family offices, RIAs that think they are too small to attract the attention of online threats are mistaken. Cyber criminals tend to seek out the “biggest prize” but small- and medium-sized businesses face many of the same threats (and consequences) as large ones, according to a cybersecurity report by Cisco on small- and medium-sized businesses.

Michael Thrasher (@Mike_Thrasher) is a reporter at RIA Intel based in New York City.

Subscribe to RIA Intel’s twice-weekly newsletter and follow the publication on Twitter and LinkedIn.