London, UK: On February 1st CyNation, DAC Beachcroft and Willis Towers Watson co-hosted a seminar “Private Equity at the eye of a perfect storm: Why cyber risk and regulation matters” to discuss strategic impacts of proliferating cyber challenges from a rarely discussed PEVC perspective.
The seminar was held against the backdrop of increasing business digitalisation, cyber crime and new data regulation such as the EU GDPR hitting business globally as we speak. With investments across a multitude of industries, the Private Equity and Venture Capital (PEVC) sectors are particularly exposed to this new, harsh reality.
Daniela Menzky, COO at CyNation said: “On one hand, the amount of cyber threats is increasing every day and, in fact, they are becoming far more sophisticated and capable in outsmarting current static defenses and human beings. On the other hand, the regulatory compliance of cyberspace is growing in complexity, and demands on businesses are increasing correspondingly. It is critically important for PE and VC companies to be aware of these new challenges not only to protect themselves, but also to make smarter decisions on every phase of the investment life cycle.”
A key takeaway from the event was the need for PEVC firms and their investment portfolios to identify and quantify their exposures related to cyber security and data protection regulation before embarking on a journey of risk management and crisis control measures – across every phase of the investment life cycle, from fund raising to fund closure.
Seminar attendees confirmed that cyber resilience and compliance with new data protection rules is an increasing concern. On the question “How confident are you in the cyber resilience of your funds?”, 38% of the audience responded being either “not confident” or simply not aware of the state of cyber resilience in their funds (Image 1).
When asked how the importance of cyber security and compliance is ranked in Due Diligence, 83% of voters told us that they consider it “high” or “critical” (Image 2).
These opinions further underline the importance of knowing what a firm is up against in terms of cyber risk exposures, and then pinpointing which data or processes are top priority to protect. Especially as cyber breaches – whether in the shape of theft, loss or outright DoS attacks – are nowadays a question of “when”, not “if” for most companies.
Ultimately, the discussion made it clear: data is not only the new oil of our era; if not managed with due care and urgency, it can easily morph into the substance causing fatal outcomes for business reputation and goodwill.
We hope we triggered some thinking of how your organisation will address its compliance with the EUGDPR. Please contact us at firstname.lastname@example.org for further information or support.