Finlight - Rising concerns over cybersecurity – Steps to protect family offices from cyber threats
Image description

Rising concerns over cybersecurity – Steps to protect family offices from cyber threats

JB Tanqueray

27 August, 2021

Rising concerns over cybersecurity – Steps to protect family offices from cyber threats

The prevalence of using computerised systems in this digital era has prompted family offices to store and process data on cloud solutions or data centres, leading to a rise in data security concerns. While digitisation and automation render major benefits to the family office world, they also generate new risks and vulnerabilities relating to cyber threats.

Covid-19 has amplified risks of cyber security due to a significant increase in the number of people working from home (IOCTA, 2020). According to Cybersecurity Ventures, the global cost of cyber-crime could reach up to an astounding amount of USD $6 trillion by 2021. More strikingly, projections indicate that such cost will grow by 15 per cent per year over the next five years, reaching USD $10.5 trillion annually by 2025.

This blog article offers insights into different common types of cyber-crimes and highlights how a resilient approach could help family offices prevent cyber threats.

Why are family offices the prime target?

Cyber-crime statistics reveal that family offices are increasingly falling victim to data breaches, raising their financial and reputational risks. Individuals and families with significant wealth hold high visibility and public profile, making it easier for cyber criminals to access their personal details and sensitive information.

Indeed, Global Family Office Report 2018 by Campden Wealth highlights how in 2017, 32% of family offices suffered losses from cyber attacks, with one case costing a family $10 million. Nonetheless, 48% of respondents indicated they did not establish a cyber security plan.

Besides, there is insufficient investment in the necessary information technology systems, where family offices lack formal governance structures and guidelines associated with information security. These reasons therefore make family offices obvious targets for fraudsters due to their potential extortion value.

Common types of cyber attacks

There are few common types of cyber attacks that may put family offices’ valuable reputations in jeopardy. It is therefore vital to understand what they are, how cybercriminals carry out the attacks, and what potential costs and negative impacts these cyber-crimes arise. With a better understanding, family offices can apply appropriate cybersecurity practices to avoid falling victim to cyber attacks.



Ransomware remains to be the most dominant cyber threat across the EU (IOCTA, 2020). It is a type of malicious software designed to encrypt individuals’ or organisations’ files that can only be restored until a sum of money is paid. The latest data forecast from Cybersecurity Ventures states that the cost for global ransomware will reach $21 billion in 2021, which is 57 times higher than the cost in 2015.


Blackmail is where cybercriminals infiltrate an organisation’s network and extort victims with the threat of releasing stolen data. In 2021, almost 16 thousand blackmail offenses were reported in England and Wales. In 2018/19, the number of blackmail offenses reached over 13.8 thousand, representing a rise of over 5.5 thousand from the previous reporting year (Statista, 2021).


Business email compromise (BEC)

BEC is a type of computer-enabled fraud that has become particularly prevalent due to its ease of gaining unauthorized access to a computerised system. In most cases, BEC is a form of targeted phishing attacks delivered via email, with the intention of deceiving recipients to download an attachment or click a link. This remains to be an area of concern as it has become more targeted recently, where scammers have displayed a better understanding of their targets’ internal business processes and systems’ vulnerabilities (IOCTA, 2020).

Social networking

Social networking has escalated to become the preferred communication platform for individuals and businesses, where platforms such as LinkedIn, Facebook, Instagram and Twitter pose significant cybersecurity risk to family offices. With cybercriminals exploiting the social media landscape, hackers could hijack a high-profile individual’s account and extract sensitive information, potentially damaging a family’s reputation.

Steps to improve data security and vigilance

As family offices face evolving operational challenges with complex goals, it is inevitable to prioritise cybersecurity with a dedicated policy in place.

We have provided a summary of the steps that family offices should take to effectively mitigate the risk of cyber threats:

  1. Training and awareness – family offices should provide ongoing training to their team to keep abreast of new and existing cyber attacks as well as how to detect and avoid them
  2. Threat monitoring – Machine Learning and Natural Language Processing (NLP) technologies have grown to become more prominent in the institutional investment world. Embracing their advanced digital capabilities allows family offices to establish a robust monitoring system in place that detects unauthorised access and safeguards sensitive data
  3. Adequate backups – with a technical solution in place, make sure to perform regular data backups to a secure, independent network. This enables family offices to restore their data and maintain operations in the event of a cyber threat
  4. Robust cloud solution – the use of providers with robust cloud solution that is approved by a regulator offers data protection 24/7 with little to no human intervention. With the right cloud security measures in place, family offices can operate at scale with lower technology costs and improved agility that maintains their competitive edge
  5. Authentication – family offices should ensure their passwords are strong and backed up by multifactor authentication to increase their data security level
  6. System security – the use of anti-virus software prevents and identifies potentially damaging activities in IT systems. Family offices should make sure it is up to date for a stronger endpoint protection


By performing the above steps, family offices can become more resilient to potential cyber threats with increased cybersecurity vigilance. It is therefore time to embrace advanced technologies to help family offices establish robust risk management frameworks, so that they are adequately prepared for future market uncertainties and cyber attacks.

To gain an in-depth understanding of how AI and Machine Learning maximises impact for family offices to become high performing, from greater efficiency to improved data security,download our white paper.


Deloitte United Kingdom. 2021. Cyber threats to family offices. [online] [Accessed 11 August 2021].

Botha, F., 2021. Why Family Offices Need To Prioritize Cybersecurity. [online] Forbes. [Accessed 11 August 2021].

Europol. 2021. INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2020. [online] [Accessed 11 August 2021].

Statista. 2021. Blackmail offences England and Wales 2021 | Statista. [online] [Accessed 11 August 2021].

Cybercrime Magazine. 2021. Cybercrime To Cost The World $10.5 Trillion Annually By 2025. [online] [Accessed 11 August 2021].

arrowBack to Spotlight

Latest Article

Image description

There is a radical transformation going on in private markets

12 September, 2023