In good times, people steal, they say. And when times are bad, they really steal.

One law firm called Coronavirus the “possible largest-ever security threat,” but not because looters are taking advantage of peaceful protests against police brutality to smash-and-grab.

It’s because hackers are on the prowl more than ever, and certain corners of Wall Street are particularly susceptible to being ripped off - no matter what executives are saying about best-in-class security protocols and password protection.

Business Insider reports that private equity, in particular, is ripe for the picking. The problem is that many companies are running old older tech systems, or are poorly staffed, or a combination of both - leaving ample opportunities for hackers to infiltrate weakened security systems. It’s no different than when hackers began holding hospitals’ data hostage from them for ransom in real-time - only now, in the age of Coronavirus, it sounds like there must be at least some honor among thieves because the criminals appear to be spending less time digitally sticking up doctors and maybe moving on to bigger, more lucrative businesses.

A big enough hack can turn into a giant PR liability, damaging customers’ trust - or, worse still, a truly well-executed plan can leave a company financially hobbled, with a pandemic being a terrible time to run short on cash for payrolls. So, right now, the stakes are ever-higher, as sophisticated crooks (and probably, some not-so-sophisticated ones) are acting just like portfolio managers and diversifying their business strategies for the "new normal." 

Private equity investors are obligated to provide their large financial backer's updates on investments, whether that ranges from profits, to staffing, to ESG-related metrics. One of the impacts of the pandemic’s outbreak is that private equity investors are ill-equipped to work remotely with their investors, often tracking data via outdated software and methods.

Soon, big PE firms’ investors - like state pensions, family offices, and large sovereign wealth funds - could start demanding updates on how well they’re securing assets digitally, since it’s increasingly clear hackers have made LBO shops a mark.

It makes plenty of sense - at a time when every other American has to focus on communicating remotely and using apps to make digital payments, much bigger firms are put in a position of having to transact digitally and execute more work functions online. A recent FBI report notes that both domestic and international hackers have been leading a spike in cybercrime since the pandemic began. Certainly, if they’re out to swipe your Venmo password to swipe a few hundred dollars out of your app, they’d love to dial it up several notches, and roll a billion-dollar investment firm. 

What's the solution? Companies like Okta, which manages identity security as more workers log in remotely; the company's stock has nearly doubled in a turbulent 2020. Next, it could even be Palantir, the controversial security and data company that is also reportedly gearing up plans for an Initial Public Offering.

There will still be a need to index and report upon cybersecurity disruptions, resolutions, and best practices - and limited partners will be wise to ask and have answered questions regarding preventative steps before, instead of after, a breach. But that may come down more to relationship management and data tracking than most investors can convey in an XLS, or through a slide deck. 

Big banks' and hedge funds' data security is heralded for being top-notch - but private equity firms, especially those managing multiple portfolios, have amassed a collection of companies with disparate security systems and protocols, some of which may be especially vulnerable to hackers. It's clear that business, as usual, isn't coming back anytime in 2020, as pandemic surges slow and setback US cities' reopenings. This puts most investors in the position of needing to make upgrades and new policies quickly - or, face the likelihood they get turned into this industry's precautionary tale. 

Ad placeholder