One of the most sophisticated cybersecurity operations in the world is housed inside a massive skyscraper in downtown Manhattan. The command center features a wall of monitors flashing red, yellow, and green lights blinking with the frenzy of a video game. The lights show firewalls being bombarded with constant penetration attempts. Each blink is analyzed and correlated with hundreds of other data points in real time to determine the level of significance as to which breaches need an immediate response and which barely need attention.
But this isn’t a national security or defense command center. Nor is it part of the NYPD. Rather, it’s the cybersecurity command center for a global financial services firm with a significant asset management business.
Welcome to the new world of asset management. “Investors, CEOs, and boards of directors are more concerned and educated about cybersecurity than ever before,” says Craig Stephenson, a senior client partner and managing director with Korn Ferry’s Technology Officers practice in North America.
That’s putting it mildly. A confluence of factors—among them a massive increase in the use of data, artificial intelligence, and machine learning, as well as a move to cloud-based storage—means that investor assets are now managed by more than just asset management firms. Moreover, an increasing reliance on external partners, a regulated operating environment, and more sophisticated state-sponsored attacks are creating immense pressure on firms to protect assets.
“Data is the backbone of what we do and how we make business and investment decisions. Because it also resides with our external partners, we require from them proper cybersecurity controls,” says Henrique Francisco, chief technology officer at PineBridge Investments, a global asset management firm with roughly $100 billion under management.
Global assets under management are at an all-time high of nearly $90 trillion, with industry profit about half that amount. At the same time, however, digital transformation is shrinking management fees and compressing profit margins for firms. With the difference between making and losing millions of dollars a mere millisecond, firms are pouring tens of billions of dollars into digital technology. While in the past that investment would be focused on lowering costs and executing trades faster, now an increasing share of it is going toward hiring talent and developing systems to protect against digital malfeasance. After all, a firm could lose as much from a security breach, if not more, just as quickly and easily as it can from a poor trading strategy.