Protecting Family Offices From Emerging Cyber Threats

A regular writer, financial industry veteran and business school lecturer talks about the cybersecurity threats that the wealth sector faces, and the approaches to dealing with them.
Jay Rogers, a figure in the financial and wealth management industry who has written in these pages before, writes about the cybersecurity threats that wealth management must contend with. Drawing on a mass of examples, the article is a thorough explanation of what’s at stake. To comment on such material, please email tom.burroughes@wealthbriefing.com and amanda.cheesley@clearviewpublishing.com. The usual disclaimers apply to views of guest writers, and we thank Jay Rogers for his contribution to conversations on these topics. Rogers is also a guest lecturer at the USC Marshall School of Business.
In my experience advising and operating single-family offices for more than 25 years, the most sophisticated investment strategies and the most meticulously drafted estate plans can unravel in an instant when digital vulnerabilities are ignored. Family office operations today resemble a finely tuned orchestra: reporting systems, bill-pay portals, cash-flow forecasting, personal asset inventories, alternative investment allocations, business interests, and estate planning documents are all required to play in perfect harmony. Yet the conductor is increasingly an artificial intelligence system that never sleeps, and the audience now includes adversaries who have weaponized that same technology to transform a family’s private life into a public vulnerability.
In this landscape, the definition of "fiduciary duty" has quietly and irreversibly expanded. It is no longer sufficient to guard the vault if the keys to the kingdom are floating in an unencrypted cloud, forwarded on a consumer messaging application, or embedded in the GPS metadata of a teenager’s Instagram story. The modern steward must secure not just assets, but the entire digital ecosystem that surrounds them.
The fundamental duty of stewardship has defined successful family offices since John D Rockefeller established the archetype in 1882. In that era, stewardship was physical and centralized: the preservation of tangible assets such as oil, real estate and gold, protected by ledgers kept in literal vaults and by a circle of trust limited to a handful of hand-picked advisors. The threats were proportionally tangible: a physical heist, a rogue clerk, a breach of confidentiality whispered over brandy at a gentlemen’s club.
We have now entered what might fairly be called the Silicon Valley era of risk, where wealth is often intangible, decentralized, and hyper-connected. The modern steward faces a borderless, invisible adversary who requires no safe-cracking expertise – only a convincing email, a spoofed phone number, or a three-second audio clip. Philosophically, we are witnessing a structural shift from reactive security posture to proactive data integrity management. The Rockefeller-era steward secured the building. The modern steward must secure every device, every vendor relationship, and every family member’s social media account simultaneously.
The scale of the problem is no longer theoretical. According to Deloitte’s 2024 Family Office Cybersecurity Report, 43 per cent of family offices globally experienced a cyberattack in the preceding 12 to 24 months – a figure that rises to 57 per cent for North American family offices. Among the largest offices, those managing assets exceeding $1 billion, the rate climbs to 62 per cent. Half of the families who were attacked were struck three or more times. The most common vector, experienced by 93 per cent of victims, was phishing. These are not isolated incidents. They are a sustained campaign against a sector the criminal community correctly identifies as high-value and low-resistance.
Ultra-high net worth families face risks that extend far beyond financial loss. A single breach can expose travel itineraries, yacht AIS transponder data, or private jet manifests, transforming public curiosity into targeted physical danger. Kidnap-and-ransom scenarios, once the province of geopolitical hotspots, now begin with a seemingly innocuous social media post or a geotagged photograph. Reputational damage follows with equal speed: leaked philanthropic intentions, family governance disputes, or sensitive tax structures can ignite tabloid cycles capable of eroding decades of carefully cultivated privacy.
I have served as an expert witness in fiduciary and family-office disputes, and I have reviewed cases in which multimillion-dollar portfolios were compromised not by sophisticated nation-state actors, but by a family member forwarding a seemingly harmless email attachment, or by a next-generation heir posting vacation photographs. One particularly instructive case involved a granddaughter whose Instagram story from the family yacht inadvertently revealed the vessel’s name in the background and GPS metadata embedded in the image file. Within hours, that information was in the hands of individuals who specialize in high net worth targeting. The family office learned of the exposure only after a ransom demand arrived.
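The GPS metadata that case turned on is ordinary Exif data: a TIFF-formatted block in the JPEG's APP1 segment whose GPS sub-IFD stores latitude and longitude as degree/minute/second rationals. The script below is an added illustration, not code from the article or from any family office system. Using only the Python standard library, it constructs a minimal JPEG skeleton carrying a real Exif GPS block (the coordinates are made up and describe no real photograph or vessel), reads back the decimal coordinates anyone receiving the file could recover, and strips the Exif segment so the image can be shared without them.

```python
# Detect and remove Exif GPS coordinates from a JPEG before it leaves the device.
import struct

EXIF_HEADER = b"Exif\x00\x00"
GPS_IFD_POINTER = 0x8825          # IFD0 tag that points at the GPS sub-IFD
GPS_LAT_REF, GPS_LAT, GPS_LON_REF, GPS_LON = 0x0001, 0x0002, 0x0003, 0x0004

def iter_segments(jpeg):
    """Yield (marker, start, end) for each metadata segment before the scan data."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF:
        marker = jpeg[pos + 1]
        if marker in (0xDA, 0xD9):  # SOS / EOI: no more metadata segments
            return
        length = struct.unpack(">H", jpeg[pos + 2:pos + 4])[0]  # includes the 2 length bytes
        yield marker, pos, pos + 2 + length
        pos += 2 + length

def _read_ifd(tiff, bo, offset):
    """Return {tag: (type, count, 4 raw value/offset bytes)} for one TIFF IFD."""
    count = struct.unpack(bo + "H", tiff[offset:offset + 2])[0]
    entries = {}
    for i in range(count):
        e = offset + 2 + 12 * i
        tag, typ, n = struct.unpack(bo + "HHI", tiff[e:e + 8])
        entries[tag] = (typ, n, tiff[e + 8:e + 12])
    return entries

def _rationals(tiff, bo, entry):
    """Decode a RATIONAL (type 5) array stored at the offset held in the entry."""
    _typ, n, raw = entry
    off = struct.unpack(bo + "I", raw)[0]
    values = []
    for i in range(n):
        num, den = struct.unpack(bo + "II", tiff[off + 8 * i:off + 8 * i + 8])
        values.append(num / den if den else 0.0)
    return values

def _dms_to_decimal(dms, ref):
    d, m, s = dms
    dec = d + m / 60 + s / 3600
    return -dec if ref in (b"S", b"W") else dec

def find_gps(jpeg):
    """Return (latitude, longitude) in decimal degrees, or None if the file has no GPS Exif data."""
    for marker, start, end in iter_segments(jpeg):
        if marker != 0xE1 or jpeg[start + 4:start + 10] != EXIF_HEADER:
            continue
        tiff = jpeg[start + 10:end]
        bo = {b"II": "<", b"MM": ">"}.get(tiff[:2])   # TIFF byte-order mark
        if bo is None:
            return None
        ifd0 = _read_ifd(tiff, bo, struct.unpack(bo + "I", tiff[4:8])[0])
        if GPS_IFD_POINTER not in ifd0:
            return None
        gps = _read_ifd(tiff, bo, struct.unpack(bo + "I", ifd0[GPS_IFD_POINTER][2])[0])
        if not all(t in gps for t in (GPS_LAT_REF, GPS_LAT, GPS_LON_REF, GPS_LON)):
            return None
        lat = _dms_to_decimal(_rationals(tiff, bo, gps[GPS_LAT]), gps[GPS_LAT_REF][2][:1])
        lon = _dms_to_decimal(_rationals(tiff, bo, gps[GPS_LON]), gps[GPS_LON_REF][2][:1])
        return lat, lon
    return None

def strip_exif(jpeg):
    """Return the JPEG with every APP1 Exif segment removed; image data is untouched."""
    out, last = bytearray(), 0
    for marker, start, end in iter_segments(jpeg):
        if marker == 0xE1 and jpeg[start + 4:start + 10] == EXIF_HEADER:
            out += jpeg[last:start]
            last = end
    out += jpeg[last:]
    return bytes(out)

def build_sample_jpeg(lat_dms, lat_ref, lon_dms, lon_ref):
    """Constructed test image: SOI, APP1 Exif with a GPS IFD, stub SOS, EOI (no decodable pixels)."""
    bo = ">"  # "MM" big-endian TIFF
    def rationals(dms):
        d, m, s = dms
        return struct.pack(bo + "6I", d, 1, m, 1, round(s * 100), 100)
    # Layout (offsets relative to the TIFF header): header 0-8, IFD0 8-26,
    # GPS IFD 26-80, latitude rationals 80-104, longitude rationals 104-128.
    ifd0 = struct.pack(bo + "H", 1) + struct.pack(bo + "HHII", GPS_IFD_POINTER, 4, 1, 26) + b"\x00" * 4
    gps = struct.pack(bo + "H", 4)
    gps += struct.pack(bo + "HHI", GPS_LAT_REF, 2, 2) + lat_ref.encode() + b"\x00" * 3
    gps += struct.pack(bo + "HHII", GPS_LAT, 5, 3, 80)
    gps += struct.pack(bo + "HHI", GPS_LON_REF, 2, 2) + lon_ref.encode() + b"\x00" * 3
    gps += struct.pack(bo + "HHII", GPS_LON, 5, 3, 104)
    gps += b"\x00" * 4  # no next IFD
    tiff = b"MM\x00\x2a" + struct.pack(bo + "I", 8) + ifd0 + gps + rationals(lat_dms) + rationals(lon_dms)
    payload = EXIF_HEADER + tiff
    app1 = b"\xff\xe1" + struct.pack(">H", len(payload) + 2) + payload
    return b"\xff\xd8" + app1 + b"\xff\xda\x00\x02" + b"\xff\xd9"

# Constructed coordinates for the demonstration; they describe no real photograph or vessel.
SAMPLE = build_sample_jpeg((34, 1, 10.2), "N", (118, 29, 28.32), "W")

if __name__ == "__main__":
    print("GPS before stripping:", find_gps(SAMPLE))
    print("GPS after stripping:", find_gps(strip_exif(SAMPLE)))
```

Many platforms remove Exif on upload, but the original file still travels intact when it is forwarded through messaging applications or synced to a shared album, so the control that holds is stripping before the file leaves the device. Note that `strip_exif` drops the whole Exif block, orientation and camera tags included; a pipeline that needs to keep those would rewrite only the GPS sub-IFD.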
This generational fault line compounds the operational challenge. The “Old Guard” prioritized absolute discretion through silence; the “Next Gen” seeks transparency and operational efficiency through integrated digital platforms. As Nietzsche observed, that which does not kill us makes us stronger – but in the digital age, a single breach does not merely injure a family. It can permanently dissolve the privacy that took generations to construct. Bridging that generational gap is not a technology problem. It is a governance problem, and governance problems require leadership solutions.
The rise of artificial intelligence has amplified this vulnerability exponentially, and the evidence is no longer confined to think-tank white papers. In February 2024, engineering firm Arup lost $25 million to deepfake fraud when a Hong Kong finance employee was manipulated into executing 15 wire transfers after participating in a video call where every participant – including the CFO – was an AI-generated deepfake. The employee had initially suspected a phishing attempt. The video call, featuring eerily convincing synthetic recreations of colleagues, dissolved that suspicion. The money was gone before headquarters learned that the call had ever occurred.
This is not a cautionary tale from the future. It is already the present. According to a 2025 survey by Omega Systems, 83 per cent of family offices express concern about deepfake and impersonation campaigns targeting their principals or high net worth clients. Yet only 60 per cent of those same offices express confidence that their employees could detect or prevent an AI-driven phishing or social-engineering attack, well below the 69 per cent industry average. The gap between awareness and preparedness is precisely where adversaries operate.
AI-driven phishing campaigns now scan public filings, social profiles, and leaked family-office vendor lists to craft bespoke attacks with a degree of personalization that previously required months of human reconnaissance. A threat actor no longer needs to know your family. He needs only your LinkedIn profile, your accountant’s website, and three seconds of your voice extracted from a conference panel recording. From those raw materials, the digital age will assemble a remarkably convincing version of your CFO, or your father.
Modern family offices require unified platforms that reconcile real-time cash positions with art valuations, aircraft maintenance schedules, and dynasty-trust amendments. The operational efficiency gained from these integrated systems is substantial; the attack surface created is equally so. When reporting systems, bill-pay portals, investment custody platforms, and personal-inventory databases are not architected with zero-trust principles, a breach in one module cascades across the enterprise. The family that integrated everything for convenience has, in effect, built a single point of failure.
Strong firewalls, mandatory virtual private networks for all remote access, and end-to-end encrypted communication channels are no longer optional configurations; they are baseline hygiene. Consumer applications, even those marketed as “secure,” have repeatedly demonstrated exploitable weaknesses when deployed at the scale and visibility of ultra-high net worth families. The family that insists on using a consumer messaging application because “everyone in the family uses it” has essentially left the combination to the vault written on a Post-it note affixed to the vault door.
The 2025 Simple Family Office Security Report notes that the expanding integration of smart-estate technology – gate controls, perimeter alarms, climate systems, all accessible via mobile applications – has created a new category of cyber-physical risk. In early 2025, a smart-home breach at a US coastal estate allowed intruders to disable perimeter alarms and gain physical entry while the family was present. The breach originated from a compromised mobile application and had been facilitated weeks earlier through leaked contractor credentials. Digital compromise has become a physical threat.
Many principals assume that comprehensive cyber-liability coverage functions as a safety net sufficient to absorb the consequences of a breach. This assumption is increasingly and dangerously incorrect. According to multiple industry analyses from 2024 and 2025, between 25 per cent and 40 per cent of cyber insurance claims are now being denied, often for reasons that have nothing to do with the legitimacy of the underlying loss and everything to do with the policyholder’s failure to maintain the security controls they attested to at underwriting.
The “silent killer” in modern cyber policies is the Multi-Factor Authentication warranty. In April 2025, the City of Hamilton, Ontario had its $5 million cyber insurance claim denied following a February 2024 ransomware attack that disabled about 80 per cent of the city’s network. The insurer’s rationale was straightforward: MFA had not been fully implemented across all required systems, as stipulated by the policy. Hamilton ultimately spent $18.3 million on recovery costs it had believed would be largely covered. The insurer did not dispute that the attack occurred. It disputed that Hamilton had honored its contractual obligations.
According to Coalition’s 2024 Cyber Threat Index, 82 per cent of denied claims involved organizations that lacked fully implemented MFA. The lesson for family offices is unambiguous: cyber insurance is not a substitute for security controls. It is a financial instrument that pays only when the underlying security obligations have been met and documented.
The governance frameworks I have helped design for multiple single-family offices treat cybersecurity as a standing agenda item for the operations or risk committee, not an annual compliance exercise reviewed perfunctorily and filed. Annual compliance reviews produce a snapshot. Standing governance produces a posture.
Annual, scenario-based training for every family member and key employee is non-negotiable. We simulate phishing attempts, deepfake voice calls, and social-engineering scenarios drawn directly from incidents I have observed in litigation. The goal is not to frighten people. The goal is to instill the same disciplined restraint that governs investment decisions – the reflexive skepticism that asks, before any action, whether the urgency being manufactured is designed to override judgment.
Consider the operational parallels: no family office would wire $10 million to a counterparty based on a single unverified phone call. Yet families routinely authorize sensitive document transmissions, travel disclosures, and system-access grants in response to communications that have not been independently verified. The investment committee’s discipline must become the same as the security committee’s.
Enterprise cybersecurity protects the institutional perimeter. It does not protect the principal’s home network, personal devices, children’s smartphones, or the consumer messaging application the family insists on using because “it’s just easier.” That gap between the corporate perimeter and the personal digital life is precisely where adversaries operate against UHNW families, and a growing category of specialized vendors has emerged to address it.
There are two relevant solution categories. The first is Digital Executive Protection (DEP): purpose-built personal cybersecurity covering dark-web monitoring, data-broker removal, home-network hardening, personal device security, and deepfake protection – the threat surface that falls entirely outside what corporate IT departments are either permitted or equipped to address. This category also addresses what practitioners call the “wrench attack” vulnerability: the physical-world threat that materializes when a criminal aggregates enough digital information to know where a principal is, what he owns, and when he is vulnerable. Industry enrollment data consistently shows that a substantial share of principals who engage DEP services are already in a compromised state at the time of enrollment, meaning the breach preceded the protection.
The second category is sovereign communications infrastructure: encrypted messaging, email, and VPN platforms that route sensitive traffic through jurisdictions, Switzerland being the most common, whose data-privacy law provides structural protections that US-based commercial infrastructure does not. The architecture matters because business email compromise generated $2.9 billion in losses in 2023 alone, according to the FBI’s Internet Crime Complaint Center. When wire authorizations, estate-planning instructions, and personal identifying information travel over consumer-grade servers – Gmail, iMessage, WhatsApp, Signal – they transit infrastructure over which the family has no control, no visibility, and no recourse.
Neither category is a silver bullet, and neither substitutes for the governance framework described above. What they represent, taken together, is the appropriate conceptual architecture: the institutional perimeter and the personal perimeter are distinct attack surfaces that require specific defenses. The family office that has enterprise-grade institutional security but routes sensitive instructions over Gmail and leaves the principal’s home network unmonitored has locked the front door while leaving the back window wide open.
In February 2026, US District Judge Jed S Rakoff of the Southern District of New York issued a ruling with sweeping implications for any executive, family principal, or advisor who uses artificial intelligence to prepare documents shared with legal counsel. In the matter involving former Beneficient CEO Bradley Heppner, charged with fraud in connection with GWG Holdings, the defendant had used an AI tool to prepare 31 documents related to his legal defense and transmitted them to his attorneys at Quinn Emanuel. The government moved to pierce the privilege. Judge Rakoff agreed: the AI platform used by Heppner included a clause specifying that all information entered is not considered confidential. By routing his legal strategy through a third-party AI system with that disclosure, Heppner had voluntarily waived the confidentiality that privilege requires.
The implications extend well beyond criminal defendants. Any family principal who uses an AI tool to draft communications, structure estate-planning memoranda, prepare investment-committee analyses, or document governance decisions – and then shares those AI-generated outputs with counsel – may be doing so on a foundation that a court could later find non-privileged.
The practical governance implication is clear: AI tools used in a legal or quasi-legal context within a family office must be evaluated not only for their cybersecurity posture but for their explicit contractual treatment of user confidentiality. A platform that disclaims user privacy in its terms of service is, for privilege purposes, functionally equivalent to dictating your legal strategy to a stranger on a train and then mailing the transcript to your attorney.
The privilege exposure does not end with AI-drafted documents. It extends, with equal force, to the AI notetakers now embedded by default in virtually every video conferencing platform, with Otter.ai, Fireflies.ai, Fathom, and Zoom’s native meeting assistant among the most prevalent. As Perkins Coie has cautioned, attorney-client privilege can be inadvertently waived the moment confidential communications become accessible to a third party outside the circle of privilege, and a cloud-hosted AI transcription service is precisely that third party.
As the ABA has observed, AI-generated transcripts stored in third-party repositories are discoverable in litigation unless privilege demonstrably applies. In a future dispute, opposing counsel need not crack a vault or compromise a network. They simply subpoena the transcript from the vendor. The family that would never allow a stranger to sit in on a privileged call has, in many cases, already been doing exactly that – they simply called it “meeting efficiency.”
AI notetakers should be prohibited by policy from any meeting where attorney-client privilege, work-product protection, or family confidentiality is implicated. Where AI transcription is used for operational efficiency in non-privileged contexts, vendor terms must be reviewed by counsel and data-retention limits negotiated contractually.
The same logic extends to the physical room where sensitive meetings take place, and here a principle I was taught as a young Marine applies with full force: Keep It Simple, Stupid. In cybersecurity, the KISS principle means prioritizing straightforward countermeasures over complex technical architectures that introduce their own vulnerabilities, misconfigurations, and user-error rates.
Simple defenses are sustainable defenses; they get used consistently, and they do not break in ways that create new exposures. For investment committee sessions, estate-planning discussions, and any meeting where legal strategy or family governance is on the agenda, a simple and inexpensive countermeasure deserves adoption: a Faraday box or shielded pouch kept outside the conference room, where every participant deposits their mobile device before entering. This is not technophobia. The concern is the documented risk architecture: wake-word listening built into every major voice assistant, app-level microphone permissions most users grant without scrutiny, and the emerging commercial surveillance ecosystem.
In 2023 and 2024, a leaked pitch deck from Cox Media Group’s marketing division described a product called “Active Listening,” claiming the ability to capture ambient voice data and pair it with behavioral signals for targeted advertising. The document triggered Senate scrutiny and corporate denials, but the operative legal and technical point stands: when an app is granted microphone access, it can listen. Operating systems do not grant “partial listening”; they grant access to hardware. A device physically outside the room inside a signal-blocking enclosure cannot be compelled to listen, regardless of what any application’s terms permit. The Faraday box is, in this sense, the analog solution to a digital problem – low-tech, reliable, and immune to software updates.
The digital age has not altered the fundamental duty of stewardship that has defined successful family offices since the Rockefeller era. It has simply introduced new vectors through which that duty can be tested – and, for the unprepared, failed. In my 25 years of direct involvement with ultra-high net worth single-family offices, I have never encountered a family that regretted investing in robust internal controls, disciplined training, and professional-grade technology. I have, however, witnessed the profound regret that follows when vigilance is treated as optional.
The Deloitte data makes clear that 31 per cent of family offices globally have no cyber incident response plan, and 43 per cent acknowledge that their existing plan “could be better.” Only 26 per cent claim to have a robust plan.
True multi-generational wealth strategy now requires the same rigorous governance applied to alternative investment allocations and tax planning to be extended, without compromise, to cybersecurity and data integrity. The attack surface will continue to expand. The sophistication of adversaries will continue to increase. The families who accept this reality, who treat digital stewardship as inseparable from financial stewardship, will not merely survive the digital age. They will continue to thrive within it. The families who do not will eventually provide the cautionary case studies that open the next generation of training seminars.