Interview with Alex Mendez, Remora’s head of cyber security and cyber consulting

As part of our commitment to delivering top-quality content to our community, we are proud to continue our series of interviews with those from our Top 100 most influential list. Alex Mendez shares with us his insight into the future of cyber security within the alternative investment space. 2&20 hope our series of interviews will provide a greater level of understanding of different service providers within the industry, as well as valuable insights into what drives the thought leaders and key influencers from our community

Can you provide an overview of your company’s history and how it has evolved over the years?

Alex Mendez: Remora was founded eight years ago with a vision to provide comprehensive cyber security solutions to help clients manage their cyber risks in an increasingly complex and challenging threat environment. Initially, we focused on providing bespoke cyber security services to clients in the banking and finance sectors, where cyber threats are particularly prevalent. Over the years, Remora has expanded its services to meet the needs of our clients.

Today, Remora has developed an advanced cybersecurity program that is flexible and can be individually tailored to our clients’ requirements. It is based on four essential threat vectors: Human, Risk, Vulnerability, and Threat. This comprehensive approach allows us to provide our clients with proactive cybersecurity solutions that address potential threats before they become a problem.

While Remora has its roots in the banking and finance sectors, including boutique Hedge Funds and innovative FinTech companies, we have since broadened our client base to include other industries and sectors that are also at high risk of cyber-attack. We recognised the need to adapt and evolve our services to meet the growing demands of our clients, and we did so by expanding into industries such as hospitality, healthcare, logistics, and the emerging sectors of industry 4.0 and smart manufacturing.

We take pride in being a trusted advisor for companies looking to apply best practices in cyber threat prevention, detection, and response. Our team of experts constantly monitors the latest cyber threats and trends to ensure that our clients have the most effective and up-to-date solutions to protect their sensitive data and assets.

How does your company differentiate itself from other managed service providers in the market?

Remora has a track record of providing bespoke services to clients in industries that are at high risk of cyber-attacks, such as investment and financial sectors, hospitality, healthcare, and logistics. Cyber security is essential to protect against destructive acts carried out by cyber criminals with varied motivations.

Perhaps our most significant differentiator, and one that truly sets us apart from other managed service providers, is our exceptional capability to conduct cyber incident response and, more importantly, fund retrieval. This expertise is not commonly found among other MSPs, as fund retrieval requires a unique blend of specialised skills, industry knowledge, and strong relationships with relevant stakeholders.

Can you discuss any recent partnerships or collaborations that have helped to enhance your managed services offerings?

We have many long-standing relationships with many MSPs and even other MSSPs, a lot of who feature in your Top 100 list. While it’s challenging to single out a favourite partnership, a particularly notable collaboration has been with one of our own - Jon Luxford.

Jon joined our Advisory Board and enriched our cybersecurity managed services. With his extensive experience in the Metropolitan Police Cyber Crime Unit, Jon's unique perspective helped us offer practical solutions to our clients. Additionally, Jon's relationships within the financial sector and law enforcement helped us stay up-to-date on the latest cyber security trends. A prime example of this was last year when Remora successfully assisted a client in recovering funds stolen in a single invoice fraud case exceeding €3 million.

How does your company measure its success in delivering managed services to the alternative investment sector?

Remora measures its success in delivering managed services to the alternative investment sector using a multifaceted approach, focusing on three KPIs: Client Satisfaction, Service Level Agreements, and Compliance.

Can you share a particularly memorable experience you’ve had while working with clients in this sector?

I led the cyber investigation team into one of the largest invoice frauds of 2022, and with the help of Jon Luxford’s fund repatriation team we were able to retrieve for the client just over €3 million.

It is a good day when you can ring a client and tell them money is coming back.

If you could travel back in time and give advice to yourself on your first day in this role, what would it be?

Ask questions - never be afraid to ask questions, no matter how trivial they may seem. It’s better to ask than to regret not seeking clarification from the outset. A quote I often try to remember is from Michael Forbes Always ask questions – “One who never asks either knows everything or nothing”.

Can you describe the biggest challenge that your company has faced in delivering managed services to hedge funds, private equity firms, or family offices?

There is a constant need to stay up-to-date with the latest regulatory changes and security threats. Financial firms are prime targets for cybercriminals, which makes it essential for us to provide comprehensive cybersecurity solutions that protect sensitive client information and ensure compliance with data protection regulations.

The biggest challenge is when family offices are unaware that they need to disclose potential conflicts of interest to clients or maintain adequate policies and procedures to prevent insider trading. This issue transcends the realm of cybersecurity, which is why at Remora, we make it a point to meet with clients in person to ensure that relevant FCA and SEC regulations and ensure they are aware of their regulatory responsibilities.

If you could give a TED Talk on the topic of managed services for the alternative investment sector, what would be the key message that you would want to share with the audience

My message would be that traditional cybersecurity and IT support approaches are no longer sufficient for alternative investment firms to protect themselves against cyber threats. Managed services, tailored to the unique needs of the alternative investment sector, provide a comprehensive and proactive approach to cyber security and IT support. This approach includes continuous monitoring, proactive threat intelligence gathering, and ongoing staff training. I'd emphasise the value of partnerships with industry experts to stay up-to-date on the latest threats and trends. By investing in managed services, firms can enhance their cyber security posture and achieve their business objectives with greater confidence in today's digital landscape.

Can you discuss any recent advancements or initiatives that have had a significant impact on the company?

At Remora, we prioritise our clients’ needs and are committed to continuously evolving and improving our services. We actively listen to their requests and integrate the best solutions that benefit both our clients and our organisation.

One recent example is our enhanced reporting process. Clients expressed a desire for more user-friendly reporting, and we responded by creating clearer, easier-to-digest reports that contain detailed insights into their cybersecurity posture and potential threats. The emphasis is on making these reports simple to understand for stakeholders while still providing comprehensive information.