Technology
The Intersection Of Cybersecurity And Physical Security
Here is a summary of points made in one of the sessions at the FWR Family Office Cybersecurity And AI Summit in New York.
The following brief comments, stemming from a session at the Family Wealth Report Family Office Cybersecurity and AI Summit, is the second item in a series. It comes from Tom Aldrich, 360 Privacy; Lisa Gelles, Howard Insurance, and Kate Norris, Atténuer Risk.
The editors of this news service are pleased to share this
material; the usual editorial disclaimers apply. Email tom.burroughes@wealthbriefing.com
if you wish to respond.
The participants:
Kate Norris, founder and CEO, Atténuer Risk
Kate Norris is a recognized industry expert, having served
hundreds of family offices and wealth advisory firms for over 25
years working on the broker, carrier, wealth advisory and
consultancy sides. Kate founded Atténuer Risk in 2021 and serves
her clients as a fee-only risk and resiliency consultant. Kate
maintains her insurance licensing and graduated from the
University of Kansas. She serves on the Advisory Board of the
Council for Insuring Private Clients & High Net Worth Individuals
and is a faculty member for the National Alliance – CPRM
designation.
Lisa Gelles, executive director –
private client, Howard Insurance
Lisa Gelles serves as executive director in the private client
group at Howard Insurance. In her role, Lisa sits at the helm of
the firm’s family office practice, working closely with each
family and their advisors to provide a consolidated approach to
complex risk issues. Under her guidance, the team designs and
implements sophisticated insurance portfolios. Lisa has extensive
risk management and specialized insurance expertise on high
value collections and real estate on a national and international
basis. Her attention to detail and the discretion with which she
operates makes her sought after by families that appreciate
privacy. Lisa brings over 20 years of experience across the
insurance industry. She has held leadership positions at two
prominent high net worth insurance companies. In addition, Lisa
holds the Associate in Reinsurance (ARe) designation and spent
over six years as a treaty reinsurance broker. Lisa is recognized
as a Top Financial Advisor by Washingtonian Magazine.
Tom Aldrich, chief revenue officer, 360
Privacy
Tom Aldrich joined 360 Privacy in 2022 after having worked at
Goldman Sachs as a private wealth advisor. He came to Goldman
from the US Army, where he served as a Green Beret and functioned
as both a communications and intelligence subject matter expert.
He was deployed overseas four times, where he was responsible for
tactical and strategic targeting, intelligence, and digital
exploitation. Tom is a Certified Ethical Hacker and obtained his
CIPP/US certification from the International Association of
Privacy Professionals.
Session Description
In an era where digital threats are increasingly intertwined with
physical risks, the session “The Intersection of Cyber Security
and Physical Security” delves into the critical nexus between
these two domains. This session explored how advances in
technology have blurred the lines between cyber and physical
security, necessitating a unified approach to protect assets,
information, and family members.
Facts and figures
According to the FCC, there were approximately 1.5 billion
targeted attacks on IoT devices in the first half of 2021.
The number of IoT devices is projected to climb to 25 billion by 2030.
Key Take Aways
Families and family offices need to take a proactive approach to
their security both physical and cyber, this includes:
Conduct a physical security and cyber security threat assessment at both the family office level and the household level;
Be sure to include any vulnerabilities present on the open web through data broker websites (like Spokeo.com, BeenVerified, etc.), as well as the deep and dark web;
Review and understand their vulnerabilities uncovered in the assessment;
Create an action plan to mitigate or eliminate their vulnerabilities; and
Build a resiliency plan that will respond to either a physical security threat or cyber security threat. The plan needs to be communicated and reviewed with all staff and family members.
When selecting team members, from a cyber security perspective, consider choosing those with expertise in:
Digital: data brokers, B2B websites, social media, and AI;
Legal: AI governance, domain ownership, and the newly-enacted Corporate Transparency Act;
Physical: travel and emergency risk management, as well as access control; and
Review, revisit and adjust – you cannot put this in the drawer and forget it.