Tech And Cyber Outsourcing To Become The Norm

May 26, 2023

This article first appeared in Hedgeweek.

Financial firms are facing growing complexity in the nature of the cyber threats they receive. This, coupled with increasing regulatory requirements for robust cyber practices, is driving the need for more external support. Jonathan Bohrer, President at Abacus Group, shares his perspective on the trend to outsource technology and cybersecurity capabilities.

Can you outline the industry trends which have been driving growth and development within your firm over the past year?

We have witnessed an increased shift towards outsourced IT and cybersecurity, as the breadth of expertise required to manage technology at an investment firm widens. This is due to increasing technical complexity and constantly shifting public cloud workflows.  No small, internal, myopically-focused IT department can keep up with the constant change, hence the growing trend to outsource to experts with a wide bench of resources at their disposal. Furthermore, the cost efficiencies created through outsourcing are magnified by technology labour challenges and employee turnover, which continue to be heightened.

In what areas has your firm experienced the most significant growth and how have client needs and demands changed what has your response been in terms of your service offering?

The largest area of growth we’ve seen has been in the realm of cybersecurity, both on the technical protection and regulatory fronts. We have seen growing threats in our industry that  call for an expanded set of tools to protect against them along with an increasing regulatory and investor focus on preparedness, vigilance, and now compliance with updated requirements from regulators.  As regulatory oversight grows, firms can face a raft of potential legal and compliance implications should they be subject to an exam, or worse yet, a breach; these include financial penalties, personal liability, and potential prosecution. This has meant that the need for strong cybersecurity measures has sharpened significantly.

Are there upcoming regulatory updates which could affect your business and that of your clients?

Yes, there are a number of regulatory changes on the horizon which have resulted in our clients taking their cybersecurity measures even more seriously. The US Securities and Exchange Commission’s (SEC) proposed rules relating to this area will see firms having to produce a considerable number of written policies and procedures. These rules will also introduce enhanced disclosure of cybersecurity incidents, with firms having to report material incidents within 48 hours and updating disclosures on previous incidents as well. The growing regulatory scrutiny in relation to cybersecurity supports the trend to outsource such functions. In fact, we believe that the government bodies mandating compliance with rules, prefer an independent third-party firm conduct preparedness exercises. This practice ensures a thorough and diligent approach, while also allowing firms to focus on their core business functions.

Do you see the industry changing fundamentally over the course of the medium to long term? Are there any trends which have been given over-inflated importance?

I see the technology side of the industry continuing to follow the same trajectory we’ve witnessed in fund administration and outsourced compliance over the last 20 years. Hardly any firms are performing these functions in-house now, regardless of size.  The same will hold true in technology and cybersecurity as the product offerings and transparency improve in what is now a fully-commercialised industry (financial and fintech MSPs) which, not that long ago, were considered “cottage industry” startups. The cost savings and expertise are too great at the fund level for them to not fully, or at least partially, embrace these solutions.

What are the primary challenges your firm and your clients are facing and what is critical to these being overcome?

The pace at which the large core underlying tech providers, such as Microsoft, Amazon, etc., release changes and new products make for significant challenges to keep up with and ensure our employees are knowledgeable and trained.  The flip side of that argument is that many of these new offerings improve efficiency and workflows once implemented. Importantly, these very tools themselves, will allow for our employees to be more productive, and thus learn and know more about the technologies they’ve been asked to become experts in delivering.


Learn more about how your firm can benefit from our comprehensive IT and cybersecurity services.

Contact Us