Financial Services Archives - Thrive
https://thrivenextgen.com/category/financial-services/
NextGen Managed Services Provider
Fri, 30 Aug 2024 20:22:23 +0000

Optimizing Operations for Portfolio Companies
https://thrivenextgen.com/optimizing-operations-for-portfolio-companies-li/
Fri, 30 Aug 2024 20:18:38 +0000

As portfolio companies harness digital technologies to drive growth and innovation, they become increasingly reliant on cloud computing and interconnected systems to streamline operations and enhance productivity. However, with these opportunities come inherent risks, including cyber threats such as data breaches, ransomware attacks, and insider threats, which can have profound implications for the financial performance and reputation of portfolio companies – and their private equity backers.

The convergence of cybersecurity and cloud security is particularly relevant for portfolio companies, as they operate within the broader ecosystem of their parent investment firms. Any cybersecurity breach or data compromise within a portfolio company can not only impact its own operations but also reverberate throughout the investment portfolio, affecting investor confidence, valuation, and long-term strategic objectives.

SEC Unveils New Look for Regulation S-P: What Your Organization Needs to Know
https://thrivenextgen.com/sec-unveils-new-look-for-regulation-s-p-what-your-organization-needs-to-know/
Fri, 24 May 2024 19:07:19 +0000

Thrive is continuously monitoring changes in the regulatory environment to ensure we are prepared to help our clients achieve and maintain compliance. The U.S. Securities and Exchange Commission (SEC) adopted updates to Regulation S-P (Reg S-P) on May 15, 2024, and set the effective compliance deadlines at 18 and 24 months depending on organization size (see Table 3 under Section II.F of the final rule for size definitions). Regulation S-P specifies how covered institutions are required to protect consumer financial and personal information under the Safeguards Rule, and how covered entities should securely dispose of covered information under the Disposal Rule (collectively “Rule(s)” herein). This post provides a synopsis of the key rule elements and corresponding practices and technologies that can enable compliance. The changes are “designed to modernize and enhance the protection of consumer financial information” via three primary updates including:  

  • Requiring Incident Response Plan (IRP) policies and procedures. 
  • Mandating “timely” notification to affected individuals after a sensitive information breach.  
  • Expanding the scope of information and entities covered under the Rule.¹

Many covered entities have already begun adjusting their information security and compliance strategies over the past few years in light of elevated regulatory activity from the SEC which includes multiple proposals specifically focused on addressing information technology and cybersecurity risks. While there aren’t any surprises in the Regulation S-P updates, organizations subject to the rule should now evaluate their current practices to ensure alignment from a policy, technical capability, and operational perspective.  

Incident Response Plan (IRP) Requirements 

The adopted changes require implementation of an “incident response program for unauthorized access to or use of customer information, including customer notification procedures” that are reasonably designed to “detect, respond to, and recover from” unauthorized access and use of consumer financial information.² A comprehensive incident response program is rooted in an accurately scoped policy, enabled by appropriate technology implementation(s), and maintained by complementary operational processes.  

Policy

An IRP is a written document formally approved by management that outlines the types of cyber threats the business is likely to face and what controls are in place for detecting, responding, and recovering from these events. A risk-based approach is important when designing an IRP and organizations should first perform activities such as data classification and business impact analysis to ensure the policy is appropriately scoped.  

With respect to Reg S-P specifically, covered entities should identify what type(s) of covered information they collect, where this data is stored, and what data protection and access controls are in place. The updated rules explicitly require a scope that enables assessment of “the nature and scope of any incident involving unauthorized access to or use of customer information and identify the customer information systems and types of information that may have been accessed or used without authorization”.² Of course, the IRP should include the entire business entity, but understanding where the critical data and information assets reside is an important precursor to designing an appropriate layered defense model and establishing compliance with the updated regulation.  

Technical Implementation  

Technical controls supporting the IRP should include detective, preventative, and security measures applied and configured specifically to the organization’s environment. There is no “one size fits all” approach which is why having an accurately defined policy is fundamental to appropriately selecting and deploying technical safeguards. Common deployments include (but aren’t limited to):  

  • Data Security: encryption (at rest and in transit), access controls, network segmentation, data governance monitoring, and data loss prevention (DLP) mechanisms such as blocking removable media and monitoring outbound communications for unprotected sensitive data. Organizations should also ensure secure data disposal and destruction mechanisms are in place to ensure discarded media does not result in unauthorized access exposure.   
  • Asset Security: Next-generation asset-based solutions such as Endpoint Detection and Response (EDR) software provide live monitoring on user assets across the environment and proactively detecting, preventing, and alerting on malicious threat vectors. Additionally, hard drive encryption is natively built into many modern operating systems, while agent-based applications can ensure devices remain up to date (e.g., RMM) and restrict the types of connections or applications permitted on managed devices (e.g., URL filtering, restricting local administrative rights, hardening configurations to disable unused ports/protocols).  
  • Network Security: Networks (including the office(s), data centers, and/or cloud/SaaS environments) must be protected via appropriate threat detection and capabilities. Solutions include Managed Detection and Response (MDR), Extended Detection and Response (XDR), conditional access, Identity and Access Management (IAM), enterprise firewalls, and zero trust architecture (ZTA). Log aggregation and secure storage is also important to enable forensic examination and accurate reporting if a material incident occurs.  
  • Availability / Recovery: Incidents still can (and will) happen even with best-of-breed security solutions in place and it’s important that the business can efficiently recover when they do. Solutions that enable system availability include backups, geographically diverse disaster recovery (DR) environments, and high availability cloud configurations.  

Operational Considerations

Having the right skilled resources in place to design and implement appropriate controls and write policy is where compliance with Reg S-P begins, but ongoing monitoring and response is where the value is continually delivered. Organizations should ensure that resources receiving and monitoring the output of technical detective and preventative systems – whether in house or outsourced – are suitably trained to interpret the data and take corresponding actions when anomalous or malicious activity is detected. Many organizations choose to work with an outsourcing partner (e.g. MSSP) that provides 24×7 Security Operations Center (SOC) monitoring and incident response services.  

Breach Notification  

The updated regulation also mandates that the incident response programs include mechanisms to notify affected individuals “whose sensitive customer information was, or is reasonably likely to have been, accessed or used without authorization”.² Prominently, the same clause also states that notification is not required if “after a reasonable investigation…the sensitive customer information has not been, and is not reasonably likely to be, used in a manner that would result in substantial harm or inconvenience”.²  

Meeting this requirement requires careful analysis from multiple stakeholders, including legal, operations, and information technology; however, organizations must have foundational elements referenced above – specifically mechanisms/products such as data classification, data governance, data protections, and security monitoring/logging/reporting – in place to analyze in the first place. A gap or weakness in any of these areas may preclude an organization from justifying a reporting exemption or providing an accurate disclosure of events. If an organization cannot validate which system and data assets were impacted by a cyber incident, they may need to provide a breach notification to all (current and former) customers.  

Breach Notification Timeline

The updated regulation will also require a “clear and conspicuous notice to affected individuals” by means “designed to ensure that the individual can reasonably be expected to receive actual notice in writing”.² Importantly, there is now a 30-day shot clock on providing the notification with exceptions only if the U.S. Attorney General has determined that providing such a notice would “pose a substantial risk to national security or public safety”.² There are also specific notice standards (Section II.A.3a in the Final Rule) that organizations should be aware of with regard to determining if a notice is required and methods for complying with the notification mandate under various circumstances. Sections II.A.3b&c also provide additional clarity with respect to defining “sensitive customer information” and “substantial harm or inconvenience” respectively that should be reviewed when developing mechanisms for analyzing if a notification is required under the organization’s IRP.  

Scope Adjustments 

The final Rule also includes adjustments that broaden both the scope of entities covered under required activities and the scope of data assets.  

Service Providers

Of course, service providers are not brought under the SEC’s regulatory jurisdiction via the updated Rules (with respect to those that are not already covered entities). However, the Reg S-P update does incorporate requirements with respect to the covered organization’s IRP development to include:  

a. appropriate measures for ensuring service providers are protecting covered information,  

b. and for covered organizations to establish mechanisms for receiving notifications from service providers if the service provider experiences a breach impacting covered information.  

The maximum allowable timeframe for service providers to provide notification is defined as 72-hours in the updated final text. Covered organizations should work with service providers to determine appropriate mechanisms designed to ensure receipt of such notifications within the compliance time limit. This mandate again highlights the critical importance of conducting thorough data classification and related analysis which enable organizations to easily map which third parties are in scope when it comes to covered information. Additionally, receipt of a service provider notification should automatically trigger the covered organization’s IRP including analysis of whether client notification is required.  

Definitions of Covered Information and Covered Entities

The updated regulation broadens the scope of protected information to include a new term of “customer information” (replacing the term “customer records and information”) which is defined as “any record containing nonpublic personal information as defined in Section 248.3I3 about a customer of a financial institution, whether in paper, electronic, or other form”.² These records apply to any “information that a covered institution maintains or otherwise possesses for a business purpose” – businesses subject to the regulation should ensure the scope of their data classification exercises is appropriately adjusted to include all such information that may fit into this category. The broadened scope now applies to information the organization may have obtained about customers and non-customers that the organization may have been provided through the course of other business relationships. This change is intended to provide additional consistency with the Gramm-Leach-Bliley Act (GLBA) which imposes similar and overlapping requirements in some situations. Importantly, the SEC notes that these obligations of protection extend throughout the lifecycle of the information and include secure disposal, further underscoring the importance of a well-defined secure destruction and disposal process.  

In addition to the information scope changes, the update extends applicability of Regulation S-P to include transfer agents since they maintain detailed covered information related to securities holders.  

A Note on Recordkeeping  

Reg S-P updates also incorporate new recordkeeping requirements pertaining to “written records documenting compliance with the requirements of the safeguards rule and of the disposal rule”.² The timeframes vary for different entity types, and covered organizations should review Table 1 under Section II.C of the final rule for information relevant to their entity designation.  

How Can Thrive Help?  

Thrive delivers global technology outsourcing for cybersecurity, Cloud, networking, and other complex IT requirements. Thrive’s NextGen platform enables customers to increase business efficiencies through standardization, scalability, and automation, delivering oversized technology returns on investment (ROI). They accomplish this with advisory services, vCISO, vCIO, consulting, project implementation, solution architects, and a best-in-class subscription-based technology platform. Thrive delivers exceptional high-touch service through its POD approach of subject matter experts and global 24x7x365 SOC, NOC, and centralized services teams. Learn more at www.thrivenextgen.com. 

 

Disclaimer: Nothing herein shall constitute legal advice, compliance directives, or otherwise. Covered entities should consult an attorney and/or other compliance professional regarding their organizations’ compliance obligations, including, without limitation, the regulations described herein.  

Source Information:  

1 –  https://www.sec.gov/files/34-100155-fact-sheet.pdf 

2 –  https://www.sec.gov/files/rules/final/2024/34-100155.pdf 

How IT outsourcing allows Hedge Funds to maintain top performance for their funds and their investors
https://thrivenextgen.com/how-it-outsourcing-allows-hedge-funds-to-maintain-top-performance-for-their-funds-and-their-investors/
Fri, 24 May 2024 17:48:25 +0000

While the performance in 2024 has been moderately positive year-to-date, the hedge fund industry faces the challenge of safeguarding these gains against a multitude of domestic and international factors that remain at play for both your Prime Broker (PB) and IT provider. Both are aligned with your success in risk mitigation and their mutual cooperation couldn’t be more important. As the only global IT provider from the HF industry, Thrive recognizes the cooperative roles each entity plays in ensuring the safety of a well-performing fund for the benefit of your investors. 

Alignment for Better Business Outcomes

At the core of any risk strategy lies the identification and assessment of risks. For your PB, real-time consideration of portfolio risks and periodic reviews of operational risks are essential. Because leverage has plateaued since 2008 (affecting fee generation), managing risk is pivotal for a healthy PB relationship. Everyone wants a portfolio whose quality allows for an optimized margin balance, and that balance depends on a number of factors you can evaluate, such as correlation risk, historic Sharpe ratio, derivative pricing confidence, collateral quality, and counterparty creditworthiness, among others. This falls largely on the COO or CFO and their operations team, who must ensure the most beneficial and accurate treatment is being extended to the firm. Meanwhile, consider that your IT provider is similarly aligned with your fund’s success: farther removed from your portfolio details, of course, but intimate with the tools, connectivity, and counterparties that you depend on.

Qualification of a Managed Security Services Provider (MSSP) 

In today’s landscape, IT providers must resemble cybersecurity businesses (MSSPs) to succeed. Most platforms default to convenient configurations rather than secure ones, prompting the SEC to mandate inventorying these data points from an IT risk perspective. While your engagement policies may appear as checkboxes to auditors, real-time anomaly reporting against these policies is fundamental for responsible competition and scaling in the multi-cloud environment. Over the years, top IT providers like Thrive (through its acquisition of Edge Technology) and premier PBs have collaborated to set reasonable standards that protect market interests. Prior to the pandemic, we led a campaign together with a global prime broker to enforce encrypted communication via TLS across common client mail systems, as this was a standard practice we encouraged with most clients. Together, that raised important awareness and potentially thwarted some amount of phishing while people learned to become better trained.

However, the recurrent nature of the cybersecurity topic now verges dangerously close to sounding like a broken record, even as its significance remains paramount. We observe a shift from ransom-focused malware to outright wipe-ware, emphasizing the need for robust security measures as motivations go from ransom to outright harmful intent by coordinated state actors. At Thrive, we advocate for a mesh of security services that provide real-time event generation and response, extending network and domain policies beyond office boundaries to multi-cloud services using Secure Web Gateways. Today’s easy adoption of many young emerging technologies is both promising and eerily similar to the earlier industry in showing the same weaknesses. Wrapping a mesh of security around these younger offerings enables the same balancing act to be achieved, so a competitive fund can leverage newer technologies with more confidence. While technology lacks a UL listing, a balanced practitioner’s approach can maintain top performance for you and your investors.

 

Feel free to reach out if you would like to learn more about technology outsourcing for financial services. Our team of subject matter experts is ready to help you meet your desired business outcomes.

Optimizing Operations for Portfolio Companies
https://thrivenextgen.com/optimizing-operations-for-portfolio-companies/
Tue, 16 Apr 2024 20:34:32 +0000

As portfolio companies harness digital technologies to drive growth and innovation, they become increasingly reliant on cloud computing and interconnected systems to streamline operations and enhance productivity. However, with these opportunities come inherent risks, including cyber threats such as data breaches, ransomware attacks, and insider threats, which can have profound implications for the financial performance and reputation of portfolio companies – and their private equity backers.

The convergence of cybersecurity and cloud security is particularly relevant for portfolio companies, as they operate within the broader ecosystem of their parent investment firms. Any cybersecurity breach or data compromise within a portfolio company can not only impact its own operations but also reverberate throughout the investment portfolio, affecting investor confidence, valuation, and long-term strategic objectives.

Why the Right MSP Matters for Your Portfolio Companies
https://thrivenextgen.com/why-the-right-msp-matters-for-your-portfolio-companies/
Fri, 26 Jan 2024 18:58:28 +0000

When it comes to a portfolio company’s operational efficiency, the right technology decisions and investments can lead to long-term success. One of the biggest strategic choices is how to handle the IT functions of their business. Building an in-house team to cover all aspects of technology – from cybersecurity and Cloud to business enablement and innovation – is difficult in today’s competitive hiring landscape. Even if there were enough skilled and experienced talent to go around, the pressing problems of today (e.g. data breaches, user issues) often take precedence over the activities that build value.

That’s why partnering with the right Managed Services Provider (MSP) for IT outsourcing has become popular for private equity companies and their portfolios. Choosing to work with an MSP isn’t solely about ensuring smooth IT operations; it’s a strategic move that can amplify the company’s growth while better protecting it from cyber threats and compliance issues. The right MSP becomes an invaluable partner, influencing the efficiency, scalability, and competitive edge of the portfolio company in the market.

The Significance of Choosing the Right MSP

Today, technology serves as the backbone of operations across a wide breadth of industries. A reliable MSP conducts the seamless integration of technology into the fabric of a company’s operations. From Cloud computing and cybersecurity to data management and IT infrastructure, the right MSP provides the expertise and support necessary to navigate both the digital and business realms effectively.

One of the core reasons why the right MSP matters for a portfolio company is efficiency. A proficient MSP optimizes processes, enhances productivity, and mitigates risks, allowing businesses to focus on their core competencies without being bogged down by technological complexities.

Moreover, a strategic MSP is not just a service provider but a partner invested in the success and growth of the company. They bring industry insights, technological advancements, security, scalability, and cost-effective solutions to the table, ensuring the company remains agile and competitive.

Thrive’s Strategic Partnerships with PE

The role that the right MSP plays in the success of portfolio companies is well understood at Thrive. Our approach to delivering private equity IT services goes beyond conventional service delivery; we immerse ourselves in understanding the unique needs, challenges, and growth aspirations of each portfolio company.  Our POD-based approach to service delivery means that each company works with experts who not only know the technology but also know their business and their industry. 

The Thrive Difference:
  • Tailored Solutions and Services: There is no such thing as a one-size-fits-all solution. Thrive crafts company-specific strategies and solutions, ensuring strong protection and efficient operation. Our PE service offerings include:
    • EBITDA Optimization – Providing cost-efficient managed services
    • Portfolio Investment Assessments – Due Diligence reports, pre & post deal
    • Integration – Helping to strategically combine acquisition assets and realize synergies
    • Risk Management – Closing Security Gaps, building Disaster Recovery Plans, and adding 24×7 global coverage
    • Digital Transformation – Modernizing the IT Infrastructure & improving business processes
    • Sale Transition – Assisting with transition plans and helping achieve maximum ROIs
  • Proactive Support and Scalability: Our proactive approach means we anticipate needs before they arise. We ensure scalable solutions that grow with the company, avoiding technology bottlenecks when it comes to cybersecurity, Cloud, or collaboration services. 
  • Thrive’s Expertise: Thrive’s experts offer 24x7x365 protection through the online Security Operations Center, prioritizing robust infrastructure security measures, adherence to regulatory requirements, and more. 

The right MSP isn’t just a service provider; it’s a strategic ally for portfolio companies, propelling them toward growth, efficiency, and sustained success. Thrive’s commitment to tailored solutions, cutting-edge technology, proactive support, and cybersecurity expertise ensures that portfolio companies have the right tools to navigate the next obstacle.

Choose Thrive and pave the way for unparalleled success for your portfolio companies. Contact us today to learn more about how Thrive can empower your entire PE portfolio through a strategic MSP partnership.

Membership Has Its Privileges: Why Cybersecurity Is Critical for Credit Unions
https://thrivenextgen.com/membership-has-its-privileges-why-cybersecurity-is-critical-for-credit-unions/
Fri, 17 Nov 2023 17:40:00 +0000

Safeguarding member data within credit unions transcends a mere legal obligation; it’s an essential cornerstone of building trust. Members place implicit trust in credit unions to protect their financial information and elevate data security to a paramount level of importance. This commitment to security is pivotal for valued members and the broader interests and prosperity of the credit union itself.

As online banking and digital transactions surge in popularity, credit unions find themselves confronted with the constant and looming threat of cybersecurity breaches. The year 2022 alone witnessed a staggering 70% increase in fraud within credit unions. This upward trajectory is not only due to the surge in online activity but is also fueled by the relentless evolution of cybercriminal tactics.

Hackers and cybercriminals continually refine their skills and adapt their methods, making it essential for credit unions to stay ahead of the game. This places sensitive member data at risk and possesses the potential to inflict lasting damage upon the credit union’s reputation and ability to serve.

Credit unions are bound by legal and ethical obligations to protect member data. Regulations from the National Credit Union Association (NCUA) mandate stringent data protection measures to ensure information safety and good practices within federal credit unions. Failing to comply with these regulations can lead to severe penalties, including hefty fines and legal consequences.

The Impact of Diligent Data Protection for Credit Unions:
  • Member Trust: Beyond legal repercussions, when members know their data is safe, they’re more likely to engage in digital banking services. Trust is the cornerstone of any successful credit union, and robust data protection practices are instrumental in building and maintaining this trust. Members who trust their credit union are more likely to invest in additional services, leading to increased revenue and growth opportunities.
  • Protecting Intellectual Property and Financial Assets: Data breaches often compromise member information as well as sensitive internal data, including intellectual property and financial assets. Credit unions invest significant resources in developing unique services and strategies. Protecting these assets from cyber threats ensures the credit union maintains its competitive advantage in the market.
  • Promoting Financial Stability: The financial stability of a credit union depends on its ability to mitigate risks effectively. A data breach can lead to financial losses, impacting the credit union’s stability and growth prospects. By investing in robust cybersecurity measures and a proactive recovery plan, credit unions safeguard their financial stability, ensuring they can continue to provide quality services to their members.

Safeguarding member data emerges as more than a regulatory necessity; it is a strategic imperative that underpins the very essence of credit unions. By prioritizing data protection, credit unions honor their legal obligations and fortify member trust. Simultaneously, they shield invaluable internal information, ensuring the longevity and strength of their financial stability. 

Thrive, committed to empowering credit unions, offers cutting-edge IT solutions tailored to the unique challenges of this digital age. Our comprehensive suite of cybersecurity solutions both secures data and optimizes business opportunities, enabling credit unions to service their clients with confidence. 

Credit unions must recognize that in today’s fast-paced world, data protection is not just a responsibility; it is an indispensable element ensuring sustained success and continuity. Reach out to Thrive today, and discover how our expertise can safeguard your credit union’s sensitive data and maintain member trust. 

Building Cybersecurity Due Diligence into Your PE Deals https://thrivenextgen.com/building-cybersecurity-due-diligence-into-your-pe-deals/ Fri, 10 Nov 2023 18:07:14 +0000 https://thrivenextgen.com/?p=26062 In today’s changing digital landscape, cybersecurity has become a pivotal aspect of due diligence in private equity (PE) transactions. With the growing threat of cyberattacks, integrating robust cybersecurity assessments into the due diligence process has…

The post Building Cybersecurity Due Diligence into Your PE Deals appeared first on Thrive.

In today’s changing digital landscape, cybersecurity has become a pivotal aspect of due diligence in private equity (PE) transactions. With the growing threat of cyberattacks, integrating robust cybersecurity assessments into the due diligence process has become a necessity for safeguarding investments and ensuring the long-term viability of businesses. 

Private equity firms have increasingly recognized the criticality of cybersecurity due diligence in their deal-making processes. By recognizing and understanding the potential risks associated with a weak cybersecurity framework in target companies, PE investors are now more vigilant about incorporating thorough cybersecurity evaluations of a company.

The financial, reputational, and operational damage that results from cyber incidents is staggering. According to a report from Accenture, the average ransom paid for mid-sized companies under attack was over $1 million. From data breaches to ransomware attacks, cybersecurity incidents can not only affect a company’s financial standing but also significantly affect consumer trust and overall brand value.

Key Components of Cybersecurity Due Diligence

A comprehensive cybersecurity due diligence process involves implementing a multifaceted approach. It covers various elements, including but not limited to:

  • Cyber Risk Assessment: Analyzing the target company’s current cybersecurity infrastructure, identifying potential vulnerabilities, and evaluating the effectiveness of its existing security protocols. Assessments can proactively uncover evidence of previous breach activity that increases overall investment risk, and identify liabilities that may otherwise go unnoticed.
  • Regulatory Compliance Check: Ensuring the target company complies with relevant data protection laws and industry-specific regulations, such as HIPAA, SOX, SOC 2, PCI DSS or other industry-specific cybersecurity standards.
  • Incident Response Planning: Reviewing the company’s incident response plans and assessing its readiness to mitigate and manage cyber threats.

Integration into the Due Diligence Process

Integrating cybersecurity due diligence into the broader due diligence process is crucial for PE firms to safeguard their data and continue to focus on the financial side of their business. It necessitates collaboration between deal teams, cybersecurity experts, and a firm’s legal counsel.

Incorporating cybersecurity risk assessments at the early stages of deal evaluation also allows investors to make informed decisions. Understanding a company’s cybersecurity risks can influence the valuation, and also aid in formulating post-investment strategies to fortify the target company’s security infrastructure.

Thrive’s tailored managed IT services for PE firms cover all aspects of technical strategy and regulatory compliance. By leveraging our industry insights and robust support, Thrive empowers financial companies to navigate the ever-evolving IT landscape with confidence. 

PE firms that embed robust cybersecurity assessments within their due diligence processes are better equipped to navigate the complex cyber threats that businesses face today. Thrive’s team can help you protect your business by uncovering IT vulnerabilities and delivering unmatched insight into the potential risks present in your mission-critical business infrastructure.

Contact Thrive today to learn more about how we can help integrate a robust cybersecurity posture into your PE deals and beyond.

How Digital-Only Banks Safeguard Data https://thrivenextgen.com/how-digital-only-banks-safeguard-data/ Mon, 23 Oct 2023 15:34:49 +0000 https://thrivenextgen.com/?p=25984 In the agile landscape of finance, a new breed of financial institutions are at the helm—digital-only banks. Digital-only banks operate exclusively online, leveraging advanced technologies and the cloud to deliver a seamless, efficient, and convenient…

The post How Digital-Only Banks Safeguard Data appeared first on Thrive.

In the agile landscape of finance, a new breed of financial institution is at the helm: digital-only banks. Digital-only banks operate exclusively online, leveraging advanced technologies and the cloud to deliver a seamless, efficient, and convenient banking experience for consumers. These types of banks set themselves apart with their stringent focus on cybersecurity to ensure the safety of their own sensitive data and information as well as their customers’.

The Cloud Is King

At the center of digital-only banks’ operations lies advanced Cloud technology. The Cloud serves as the backbone for their entire infrastructure, enabling the storage, processing, and accessibility of vast amounts of data, all in real-time. It offers them several advantages, including:

  • Scalability and Flexibility: The Cloud allows digital-only banks to seamlessly scale their operations based on consumer demand. As their customer base grows, they can effortlessly expand their infrastructure and accommodate increased data storage and additional processing needs.
  • Cost-Efficiency: Operating in the Cloud eliminates the need for significant overhead and upfront investments toward physical infrastructure. Digital banks can optimize costs by paying only for resources as they are consumed, making them highly cost-effective.
  • Enhanced Performance: Cloud platforms can provide high-speed processing capabilities, ensuring that transactions and other banking operations are executed swiftly to deliver an optimal customer experience.

Prioritizing Cybersecurity

For digital-only banks, safeguarding data and mitigating risks against cyber attacks is paramount. These banks employ a robust set of cybersecurity measures to protect their data and their customers’ data. Key cybersecurity practices digital-only banks typically use include:

  • Encryption & Multi-Factor Authentication (MFA): All data exchanged between users and the bank’s servers is encrypted, making it unreadable and unusable to unauthorized individuals trying to steal data. Additionally, MFA adds an extra layer of security by requiring all users with access to the banks’ internal system to authenticate their identity through multiple factors, such as passwords, biometrics, or one-time passcodes, enhancing protection against unauthorized access.
  • Continuous Monitoring and Threat Detection: Advanced monitoring systems are employed to constantly analyze network traffic and detect unusual activities that may pose a security threat. Automated alerts and real-time responses aid in quickly addressing any suspicious activities.
  • Security Audits: Digital-only banks also conduct regular security audits to identify potential vulnerabilities and weaknesses in their systems. These audits help to address security concerns and enable them to stay ahead of evolving threats.
  • Employee Training and Awareness: Employees are regularly educated about cybersecurity best practices and are kept up-to-date on the latest threats. Training includes identifying phishing attempts and other social engineering tactics.

The Perfect Partnership

Digital-only banks are playing an increasingly significant role in the financial industry. As they continue to innovate and grow, they need an expert partner to rely on that is agile and reliable. Thrive’s team of dedicated experts can help these banks continuously monitor for threats and vulnerabilities, 24/7. Additionally, these banks can take advantage of Thrive’s secure Cloud solutions, which can enable them to complete data transfers and transactions at lightning speed and store sensitive customer data safely.  

Contact Thrive today to learn more about how we can transform the security and storage infrastructure of your digital-only bank.

Is Your Tech Stack Supporting Your Investment Goals? https://thrivenextgen.com/is-your-tech-stack-supporting-your-investment-goals/ Mon, 25 Sep 2023 18:08:44 +0000 https://thrivenextgen.com/?p=25908 Optimizing and managing an agile portfolio strategy should be top of mind for hedge fund managers. Ensuring that your company’s IT infrastructure keeps you in compliance with the various regulations that hedge funds face is…

The post Is Your Tech Stack Supporting Your Investment Goals? appeared first on Thrive.

Optimizing and managing an agile portfolio strategy should be top of mind for hedge fund managers. Ensuring that your company’s IT infrastructure keeps you in compliance with the various regulations that hedge funds face is also a priority – allowing you to stay on track with supporting your investment goals.

While it may seem like a stretch that your choice of technology can directly affect your investment performance, funds increasingly use technology to adapt quickly to changing markets, employ high-frequency trades (HFTs), and implement automation tools that serve a myriad of purposes. Technology automation can also help reduce overall operational costs, enhance scalability of a fund, and improve overall fund performance.

Traditional financial models are still at the core of many hedge funds, but the use of technology should not be ignored. Building a robust tech stack can not only help your fund stay secure and compliant, but also stay competitive with other funds by shaving tenths of a second off lucrative trades and other strategic moves that can make you and your clients more profitable. Thrive offers a hedge fund-focused IT approach that takes advantage of its Hybrid Cloud, allowing funds to rapidly access information while maintaining regulatory compliance to ensure all trades and other financial strategies are done properly. 

Another critical aspect of building a successful IT stack is having 24/7 support to mitigate risk and ensure agility against bad actors trying to breach your network. Making sure that your clients’ data and your trade secrets are safe is critical for the continued success of your fund. Data leaks open a fund up to regulatory infractions, massive fines, and other potential consequences that can cost a lot of time and money to clean up. Allocating resources to a disaster recovery plan helps minimize data loss and provides fast, automated recovery of critical systems, protecting against events that can devastate normal business operations while meeting challenging Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs).

Take your tech stack to the next level and ensure your regulatory compliance with Thrive today. Thrive provides managed IT services with 24/7 operators, so you don’t have to worry about potential threats and data breaches. Contact Thrive to learn more about how you can improve your hedge fund’s tech stack. 

 

The Partner That Knows: Hedge Funds Industry eBook https://thrivenextgen.com/hedge-funds-industry-ebook/ https://thrivenextgen.com/hedge-funds-industry-ebook/#respond Fri, 08 Sep 2023 19:55:15 +0000 https://thrivenextgen.com/?p=25876 Microsoft Office 365 is one of the most robust business solutions available, offering just about everything enterprises need to communicate, collaborate and enhance productivity.

The post The Partner That Knows: Hedge Funds Industry eBook appeared first on Thrive.

Today, regulators are taking a stronger interest in understanding and assessing the resilience of alternative investment firms to cyberattacks. Finance firms are 300 times more likely to be targeted by a cyberattack. Hedge funds in particular make for enticing targets not just because they handle large amounts of money, but also because many firms have well-known principals that are highly visible in the market and easy to target. A hedge fund cyber breach would uncover sensitive investor information, intellectual property in the form of trading strategies and investment positions, and even PII of key stakeholders. Information of this magnitude can be used for further breaches, sold illegally, and cause extreme reputational damage to individuals and the overall business.

The vast financial services ecosystem and global interconnectedness of transactions present an extremely broad attack surface for potential exploitation. Management teams across the industry are prioritizing cybersecurity vigilance as an essential operational component of fiscal business stability.
