Cybersecurity & IT-Security for Swiss Asset Managers

The Swiss financial sector is under constant attack: institutions reported 30 percent more cyberattacks to FINMA in 2024 compared to the previous year. Smaller asset managers and independent financial advisors in particular are increasingly being targeted by international cyber criminals. Outdated IT systems, inadequate protective measures and a lack of employee awareness make them easy targets. Not only are millions at stake; a single successful attack can destroy decades of customer trust.

The most important facts at a glance

• Threat situation intensifies: ransomware groups such as PLAY, AKIRA and Lockbit 3.0 are targeting Swiss financial service providers
• Smaller institutions particularly at risk: email remains the most common infection vector for independent advisors
• Observe FINMA reporting obligation: 24 hours for initial report, 72 hours for detailed cyber incident report
• Supply chain risk on the rise: a third of all incidents involve outsourced IT services
• Immediate action required: multi-factor authentication and regular backups are essential for survival

Why financial advisors are in the crosshairs

It seems that cyber criminals have changed their strategy. Instead of targeting the hard-to-crack big banks, they are focusing on smaller financial service providers with valuable customer data. FINMA registered a dramatic increase in attacks on independent asset managers and insurance brokers in 2024.

Business email compromise (BEC) and CEO fraud cause particularly high losses. Attackers pretend to be management and initiate transfers to other people’s accounts. SIM swapping (the theft of digital SIM cards to bypass two-factor authentication) is also increasing rapidly.

The reality is sobering: a quarter of all reported incidents are malware infections that often remain undetected for weeks. Outdated IT infrastructures without regular maintenance offer hackers ideal entry points.

Reading tip : The essential tools for financial advisors

FINMA tightens supervision and reporting obligations

The Financial Market Supervisory Authority is taking cybersecurity seriously. Its supervisory notice 03/2024 specifies the reporting obligations and tightens the supervision of smaller institutions.

The following applies in the event of a cyber incident:

• 24 hours for the initial report to FINMA
• 72 hours for detailed reporting via the survey and application platform
• Immediately initiate damage limitation and root cause analysis

Violations can result in severe fines. More importantly, however, those who do their homework protect themselves against attacks that threaten their existence.

Technical protective measures at a glance

Protective measure	Benefit	Implementation
Multi-factor authentication	Prevents 99.9% of all account takeovers	For all systems with customer data
Automatic backups	Protection against ransomware extortion	Stored daily, offline
Email security	Stops phishing and malware	Anti-spam with sandbox analysis
Endpoint protection	Detects malware immediately	Install on all devices
Network monitoring	Detects attacks at an early stage	24/7 monitoring of critical systems
Encryption	Protects data in the event of theft	Hard disks and e-mail traffic

Reading tip : Financial advice for companies: The biggest challenges

Employees as the strongest firewall

People remain the weakest link in the security chain. Phishing e-mails are becoming increasingly sophisticated and hit untrained employees with devastating precision.

Regular training courses sensitize the team to current threats. Simulated phishing tests uncover vulnerabilities before real attackers exploit them. This is not about punishment, but about continuous learning in a changing environment.

A well-trained team recognizes suspicious emails, questions unusual payment requests and reports security incidents immediately. No technology can replace this human firewall.

Five immediate measures for better cybersecurity

Are you just starting out with your IT security efforts? Then these pragmatic tips can help you improve the situation:

1. Introduce password managers: Generate unique, complex passwords for all accounts and store them securely
2. Automate software updates: Always keep the operating system, antivirus and all programs up to date
3. Implement a backup strategy: Daily, automatic backups to separate, offline-accessible storage devices
4. Activate two-factor authentication: Essential for all critical systems and email accounts
5. Take out cyber insurance: Financial protection in the event of successful attacks and professional incident response

Reading tip : Financial advice for companies: The biggest challenges

Secure asset management with regulated partners

FINMA-regulated asset managers such as Everon continuously invest in state-of-the-art cybersecurity infrastructures. Thanks to strict regulatory standards and professional security architectures , you can guarantee your clients the highest level of data security.

Working with established, regulated partners significantly reduces your cyber risk. While you concentrate on providing advice, specialized providers take over the safekeeping and management of assets.

https://www.youtube.com/watch?v=kqaMIFEz15s

Cybersecurity as a competitive advantage

Cybersecurity is not a chore, but a decisive competitive advantage. Clients only entrust their assets to consultants who operate demonstrably secure IT structures. Those who invest in cybersecurity today will secure the trust of demanding customers tomorrow. The 30 percent increase in cyber attacks shows this: The issue is not going to disappear. On the contrary - the threats are becoming more complex and more targeted.