IQ-EQ

As an investor services company, IQ-EQ is very concerned about protecting client confidentiality and managing the associated risks with respect to cyber security.

As part of its overall Cybersecurity Strategy it has recently completed a number of key actions:

• Following a series of recent acquistions, the Group engaged a leading consultant to undertake a comprehensive review of its cybersecurity arrangements, which helped to identify areas for futher enhancement and a clear “road map” for the ongoing development of the Group’s Information Security Management Systems.
• Since then, IQ-EQ has recruited a new Chief Information Security Officer to work with the existing InfoSec.
• Separately, the Group has continued to build out its Internal Audit capability to perform regular independent testing of the Group’s cybersecurity arrangements.
• The company follows KPIs on cybersecurity risks at Group level (e.g. the number of malwares neutralised or the number of phishing attempts). They are regularly reported to the Information Security Committee. In 2018, the company’s mail filtering technology stopped and/or quarantined a total of 1.9 million inbound emails including 654 containing harmful viruses and 2,457 with malicious URLs embedded (i.e. phishing attempts).
• All Information Security Management Systems are developed in accordance with the ISO 27001 guidelines. Three of the Group’s major locations, Luxembourg, Mauritius and the Netherlands, hold ISO 27001 accreditation (among 23 locations in total), with a plan to bring further jurisdictions formally into the ISO27001 regime in due course.
• All employees receive regular information security training, either face to face or via the Group’s e-learning management systems.