Eight of every 10 hedge funds and other investment firms increased spending on cybersecurity in 2025, according to a report Tuesday from the Hedge Fund Association and SeaGlass Technology.
About half of these firms said they were breached over the past 12 months. The survey is based on responses from 400 executives at these firms, including hedge fund managers, institutional investors and industry service providers.
Phishing was the top concern of about two-thirds of those surveyed.
About half of respondents said incidents were linked to third-party risk, which has increasingly been a concern across industries as companies become more interconnected.
These firms plan to boost spending over the next 12 to 24 months to boost resilience. Priorities include incident response, threat detection, cloud and endpoint security, and identity and access management.
Cybersecurity has been a growing area of concern among investment firms in recent years. These firms are among the most heavily regulated among all industries, yet, because they control so much money, they remain appealing targets for bad actors.