Find a Professional

ServicesFind a Professional
{ Banner Photo }

Fund Cyber Security & Investigations

Working with both the fund manager and the portfolio company, BRG’s cyber security and investigative teams provide cyber risk assessments, post-incident response, and remediation services.



Cyber threats hit many aspects of fund risk—including regulatory, investigations, litigation, operational, and investment. Therefore, our cyber team includes not only highly experienced former law enforcement officials who specialize in cyber investigations and security, but also CISSPs and other certified cyber professionals, investment management experts, regulators, litigators, general counsel, board advisors, IT executives, and other fund services specialists.

Cyber Risk Management

We provide direct, clear, and objective advice to clients who seek to understand and mitigate their cyber risk.

  • Understanding how cyber risk relates to a company’s business: including scalable vulnerability assessments and reviews of existing policies/ procedures to create a tailored overview.
  • Prioritization and implementation of security improvements: enhanced technical defenses, incident response preparedness, and improved information security procedures.
  • Risk solutions tailored to particular standards, including: ISO 27001/2, NIST, and HIPAA/HITECH.
Ethical Hacking / Penetration Testing
  • Actively test the security strength of IT systems to discover security vulnerabilities that could be used by an attacker.
  • Vulnerability management strategy and implementation.
Information Governance
  • Privacy Management – Risk from exposure of PII (Personally Identifiable Information) needs to be assessed. Process maturity in 18 key areas reduces corporate risk.
  • Regulatory Framework – Review regulatory obligations for overlapping controls. Establish common information governance framework to satisfy requirements.
  • Records Management – Handling internal and customer records requires a strategy. Defensible disposition equals reduced risk.
  • eDiscovery – Optimizing electronic discovery with automation.
Security Culture Transformation and Training
  • Security Metrics – Collecting evidenced based operational security metrics enables quality decision making and tracks efficient progress.
  • Awareness Campaign – Structuring, launching, and managing effective awareness programs across the enterprise (e.g., social engineering/phishing).

News & Insights

News & Commentary


Featured Case Study