Share This Post

Business Wire

Castle Hall Issues Cybersecurity Due Diligence White Paper For Investors, Highlighting Cyber Lessons From 2020

MONTREAL–(BUSINESS WIRE)–#credentialstuffing–Castle Hall, the Due Diligence Company, today issued a new white paper outlining lessons from 2020 impacting cybersecurity in the asset management industry. The unheralded transition of both asset managers and investors to remote work created a multitude of new cybersecurity issues, albeit against a backdrop where this remarkable technology shift worked relatively well for most industry participants.

The paper highlights seven core topics across the cybersecurity landscape in 2020:

  1. Covid-19 and the cyber challenges of remote work
  2. Zoom and virtual meetings
  3. Covid-19 fraud
  4. Credential stuffing
  5. Notable cyber breaches
  6. A cyber hack kills a hedge fund
  7. SolarWinds

“Cybersecurity is a key due diligence concern for institutional investors,” said Chris Addy, Castle Hall’s CEO. “At the same time, cyber requires a dedicated and differentiated approach as compared to traditional operational due diligence. Our technology team has developed a detailed cybersecurity diligence program, which can help investors better understand the cyber risks across their portfolio of external asset managers.”

“It is surprising to see asset managers falling down on relatively basic cyber controls,” said Anne Coady, Managing Director. “Questions such as whether managers enforce password hygiene and mandatory password changes, adopt two factor authentication for key systems, and even whether they block laptop USB ports, result in varied findings. We are particularly surprised when discussing topics such as phishing testing: even large firms may have not yet adopted a robust, frequent program to educate and test their staff around email attacks.”

Castle Hall works with institutional investors to support their cyber due diligence programs with dedicated diligence beyond the level of cyber questions typically conducted within traditional operational due diligence. The firm also offers sophisticated reputational due diligence, which monitors asset managers for disclosures and adverse media content related to cyber breaches and other technology issues.

Castle Hall’s white paper can be downloaded from Castle Hall’s dedicated cyber website.

About Castle Hall

Castle Hall Diligence helps investors worldwide manage the operational, ESG, cyber and investment risks of asset managers. Castle Hall’s core competitive advantage is DiligenceHub, the firm’s proprietary online diligence platform, which has helped clients review diligence across several thousand fund entities. More information is available at and


Mat Wood (x436) and Jessica Dodge (x437)

+1 450 465 8880

Share This Post