INSIGHTS AND RESOURCES
The value of proactive family office cybersecurity assessments
CASE STUDY |
Authored by RSM US LLP
RSM’s client, a founder of a successful technology company, currently has a family office and a small staff of household employees. Over the years, the client has become more active in private equity and serves as a general partner of his own private equity fund. The client recently was targeted in an unsuccessful business email compromise scheme related to a fraudulent capital call request regarding one of his private equity investments. Fortunately, the client’s bank stopped the payment due to the suspicious account number. However, the client still had cybersecurity concerns, specifically ones surrounding his internal control environment. At the recommendation of the client’s wealth manager, the client requested RSM to scope a proactive family office cybersecurity assessment to help mitigate the risk of similar attacks in the future.
Working collaboratively with the client and wealth advisor, RSM helped to identify and prioritize areas of concern and develop a customized family office cybersecurity assessment. That collaboration facilitated interviews with the client, key family members and family office team members to identify and understand important topics. Those topics included but were not limited to:
- How were payments received and executed?
- How were emails received and responded to?
- How were funds received, and who were they received from?
- How were technologies such as computers and mobile devices used, and what is the potential for those technologies being compromised?
- How did the client, family members and family office team communicate with each other and other key entities, such as third-party providers?
- Who were the client’s key third-party providers, and what services did they provide?
In addition, the client’s technology environment was evaluated, and other potential vulnerabilities were identified and discussed with the client and family office team.
An executive workshop seminar with the client and the client’s family office manager was set up to analyze their processes and the technologies they used to support the family office and the client’s personal life.
During this interactive workshop, RSM showcased for the client methods that bad actors use to target and attack corporate and personal systems. RSM also facilitated hands-on sessions with the client, demonstrating methods to reduce susceptibility to social engineering, business email compromise and ransomware attacks.
RSM identified gaps in the client’s professional and personal cybersecurity practices that placed the client at risk. Following the interactive executive workshop seminar, RSM provided a summarized report with recommendations in the areas of encryption, endpoint protection, vendor management, network security, user account and password protection, device management, and internet and social media usage to help strengthen the client’s cyber controls.
Key benefits for the client included:
- Education and awareness about current family office trends related to cyberattacks.
- Identification of tools and process enhancements with which a family office could improve its cybersecurity.
- Post-engagement support for implementation of recommendations as needed, and advisory around recommendations.
Call us at +1 213.873.1700, email us at email@example.com or fill out the form below and we'll contact you to discuss your specific situation.
This article was written by RSM US LLP and originally appeared on 2021-01-18.
2020 RSM US LLP. All rights reserved.
The information contained herein is general in nature and based on authorities that are subject to change. RSM US LLP guarantees neither the accuracy nor completeness of any information and is not responsible for any errors or omissions, or for results obtained by others as a result of reliance upon such information. RSM US LLP assumes no obligation to inform the reader of any changes in tax laws or other factors that could affect information contained herein. This publication does not, and is not intended to, provide legal, tax or accounting advice, and readers should consult their tax advisors concerning the application of tax laws to their particular situations. This analysis is not tax advice and is not intended or written to be used, and cannot be used, for purposes of avoiding tax penalties that may be imposed on any taxpayer.
RSM US Alliance provides its members with access to resources of RSM US LLP. RSM US Alliance member firms are separate and independent businesses and legal entities that are responsible for their own acts and omissions, and each is separate and independent from RSM US LLP. RSM US LLP is the U.S. member firm of RSM International, a global network of independent audit, tax, and consulting firms. Members of RSM US Alliance have access to RSM International resources through RSM US LLP but are not member firms of RSM International. Visit rsmus.com/about us for more information regarding RSM US LLP and RSM International. The RSM logo is used under license by RSM US LLP. RSM US Alliance products and services are proprietary to RSM US LLP.
Vasquez & Company LLP is a proud member of the RSM US Alliance, a premier affiliation of independent accounting and consulting firms in the United States. RSM US Alliance provides our firm with access to resources of RSM US LLP, the leading provider of audit, tax and consulting services focused on the middle market. RSM US LLP is a licensed CPA firm and the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with more than 43,000 people in over 120 countries.
Our membership in RSM US Alliance has elevated our capabilities in the marketplace, helping to differentiate our firm from the competition while allowing us to maintain our independence and entrepreneurial culture. We have access to a valuable peer network of like-sized firms as well as a broad range of tools, expertise and technical resources.
For more information on how Vasquez & Company LLP can assist you, please call +1 213.873.1700.
Subscribe to receive important updates from our Insights and Resources.