Alternative investment firms seeking partners against cyber risks

Global survey of alternative investment institutions finds increasing interest in outsourced cybersecurity

Alternative investment firms seeking partners against cyber risks

Across the alternative investment industry, organizations are upping their digital experience and security investments amid the changing threat landscape, tighter regulations, and continuous pressure to innovate.

That was the overarching finding of the recent IDC paper "Cybersecurity and Digital Transformation of Global Alternative Asset Institutions: A Critical Pairing,” which was commissioned by ECI, a leader in public cloud and cybersecurity managed services for the global financial services industry.

To understand the current state of digital transformation and cybersecurity, identify major roadblocks and advantages of an aligned strategy, and investigate the expanding role of consulting services as strategic partners, IDC surveyed senior leaders from 400 global alternative investment institutions in the United States, Canada, France, the United Kingdom, and Germany.

It found that although there is an increase in investment in cybersecurity and digital transformation, there is a decline in internal execution due to rising outsourcing patterns.

Nearly half (48%) of the institutions surveyed plan to increase spending on digital transformation and security by at least 10% in 2022 compared to 2021.

The results of the survey also show that organizations are using managed service providers and consulting firms more frequently to help the management and execution of initiatives. In the next two years, about 30% of institutions aim to heavily outsource to managed services companies, more than doubling the current utilization (12%).

Within the next two years, more than half of those surveyed (51%) will either heavily outsource to MSSPs or combine MSSPs and managed threat detection and response providers.

A primary justification for using consulting services, according to 67% of respondents, is staff augmentation in addition to specific project work.

Security and privacy were cited as the main issue for more than half of respondents (57%) and over one third (35%) of respondents, respectively, when it came to adopting digital transformation.

In 2021, 61% had started digital transformation initiatives with a security component. Risk assessment management was listed as a major priority for digital transformation activities by 47% of respondents, and road mapping and security strategy were prioritized by 42% of respondents.

“What these findings show is that the alternative investment market recognizes the value of coupling digital transformation and cybersecurity strategies, and firms are prepared to invest in such efforts, but struggle with execution due to obstacles outside of their control like staffing shortages,” said David Andrade, CEO of ECI.

Given the industry-wide skills gap in personnel trained in threat monitoring, alerting, and response, institutions are looking into vendor managed security solutions as a more cost-effective strategy that enables in-house teams to concentrate on routine business and digital transformation efforts.

“Digital transformation initiatives with embedded cybersecurity are top of mind for most industries due to the significant impact DX can have on a company’s profitability, growth and risk management,” said Philip Harris, Director, Cybersecurity Risk Management Services at IDC. “With security taking a critical role, companies are turning to outsourced resources to both scale initiatives and build or maintain a strong security posture in the process.”