logo

Cybersecurity

A material impact area for our clients

Our Goal

Continue to adapt cybersecurity practices in the face of an evolving threat landscape, enlisting every LFCM employee in the effort to protect the privacy, intellectual property, and data of our clients, employees, and business partners.

Technology has made it possible to communicate, collaborate, and share data seamlessly and from any location. But the same technology on which we increasingly rely, especially during a period of mass migration to remote work, is being exploited by cybercriminals. That is why seedvest is committed to protecting the privacy, data, and intellectual property of our stakeholders. We maintain a multi-layered protective environment to safeguard stakeholder assets from external and internal threats, and continually work to strengthen our controls as attack strategies evolve. We recognize that information security has a social impact that extends beyond our direct business relationships and activities.

Against a changing industry and risk landscape, seedvest has had to be vigilant to maintain a resilient business in the face of cyber threats. The shift to remote work brought additional considerations and analysis about how we conduct our business and protect our stakeholders’ data. We responded by focusing on governance, education, third-party risk management, and external validation of the strength of our cybersecurity program.

Seedvest designed our information security program to proactively address threats and regulatory requirements while protecting firm and client data. We focus on governance, prevention, detection, response, and recovery. The program’s components include third-party risk, identity and access management, infrastructure defense, network, perimeter, and insider threat monitoring, and cyber incident management. These components – combined with a robust training and communications program – help us build a more resilient organization.

Core Program Components

  • Seedvest operates in compliance with evolving industry best practices and guidance – as well as applicable privacy, banking, and securities regulations in each of our operating jurisdictions.
  • Seedvest’s Compliance and Enterprise Risk Management teams monitor and track evolving regulations and laws to identify additional requirements and provide input to the cybersecurity program to provide for timely compliance.
  • Seedvest’s systems and policies protect the firm’s information resources, including controls to address confidentially, integrity, and availability.
  • A year-round program, consisting of computer-based training, in-person training, a formal phishing awareness program, and regular firmwide communications about new threats, strives to make our employees more aware and educated on cyber risks.
  • Through our 24/7 cyber security hotline, employees are empowered to quickly escalate concerns.
  • Our incident response plan is designed to promptly respond to, and recover from, cyber security events affecting the confidentiality, integrity, or availability of information systems or the continuing functionality of any aspect of our business or operations.
  • We review, escalate, and resolve reported data disclosures in accordance with a defined process based on regulatory and contractual requirements, as well as industry best practices.
  • We stay abreast of threats and countermeasures through information-sharing organizations and regularly contributes to cyber security industry and vendor conferences.

100 %

Compliance with NYDFS and SWIFT Cyber Security Requirements for Financial Services Companies

100 %

participation in employee phishing awareness program

100 %

compliance on mandatory employee training

69 %

of employees report suspicious emails as part of our phishing awareness program