Not so long ago - in fact, well within my professional lifetime - it was customary to receive physical delivery of pieces of paper that were either stock certificates, or more interestingly bonds (weirdly fringed with detachable interest coupons).

These documents were hard evidence that you actually owned a financial instrument. You could store them in your safe at home, or in a safe deposit box at your local bank.

Today, it is almost impossible to get your hands on a physical security. In the modern financial system, ownership records are almost universally in digital form. Financial data and is stored and processed on servers or in "the cloud".

This is occurring at the same time that cash, physical checks, and even credit cards, are being replaced by electronic wallets, like PayPal and Apple Pay. Financial advisors are encouraging clients to permit information about their holdings at other firms to be "screen scraped" by aggregation technology so you (and they) can have a panoramic view of your financial situation.


You can access your investments through financial website portals using your iPhone. Electronic vaults make it possible to scan important documents, like wills or passports, and store them in the cloud. Regulators are demanding that financial firms send them ever more granular real time data so that they can apply analytical engines to see patterns of illegal or abusive behavior or sniff out risks.

In other words, more and more information about your financial situation is being stored on and is floating around the digital world -- at precisely the same time the threat and the actual incidence of cyber attacks are increasing.

Financial institutions are being attacked thousands of times every single day, not just directly, but through their "weakest links": the people and firms they do business with. Think of Target, where customer credit card files were hacked through a refrigeration, heating and air conditioning subcontractor. Wells Fargo reported in their most recently quarterly filings that they continue to be the target of malware, denial-of-service and other types of attacks "causing the widespread unavailability of websites and the degrading of website performance".

Just recently, large segments of the internet in the United States were disabled by sequential waves of a distributed denial of service attack on internet platform provider Dyn. Popular sites like Twitter, the NY Times and CNN went down for hours.

The "black swan" risk in all of this isn't interruption of service - as bad as that could be if it affected major exchanges or payment systems. Nor is it identity theft -- as scary and as personally disruptive as that is to victims.

Instead, it's permanent eradication of ownership data.

Imagine the website at your primary broker dealer or money manager or retirement services provider going permanently blank. Without physical securities, how would you prove what you owned?

The solution doesn't need to be a radical one. As an individual investor you don't need to go "off the grid" to protect yourself.

Instead, consider adopting a low-tech approach to protecting your wealth. Go ahead and use all the fancy new wealth management tools. But also practice these simple tactics:

Diversify. Don't keep all your financial eggs in one basket. Intentionally dis-aggregate. If your investments are at a broker dealer, keep your retirement savings with an unaffiliated investment advisor. Keep your cash at an unaffiliated bank. Move funds between them when you need to. Sure, it's a little clunky. But it creates firewalls between different wealth buckets.

Make copies. Make and keep electronic copies of your statements. Encrypt them and store them on USB memory sticks. If you're an active investor, do this once a month. If not, once a year is fine. Put the sticks in a fireproof safe at home or in a safe deposit box at the bank. Printing off paper copies at home also works. Just don't ask your financial firms to send you stuff on paper. It's printed by third party vendors, which opens you up to all sorts of risks.

Be real. Keep at least 5 - 10% of your wealth in real assets that don't have anything to do with financial markets. Like real estate (your home, or farmland). Like gold coins. Like collectibles, such as art. Make sure you have solid documentation proving you own those assets.

Stay liquid. Make sure you have enough cash on hand to make it to the other side of a crisis. Remember Warren Buffett's adage: "To finish first, you first need to finish." Just as you diversify the location of your assets, have multiple short-term lines of credit at different lenders. A margin loan or "non-purpose loan" collateralized by securities at your broker dealer or registered investment advisor. A home equity line or unsecured personal line with your bank.

"Anticipate the anticipation of trouble", as Barton Biggs wrote in his classic, Wealth, War and Wisdom.

None of these tactics will freak out your family, friends or neighbors at cocktail parties. Unless you talk too much about them (which I sometimes tend to do.) They are the equivalent of keeping your hands on the wheel in a driverless car. What they will do is help insulate you from the mother of all financial black swans - cyber destruction of financial ownership records.