Registered investment advisers, also known as RIAs, provide financial advice, with an accompanying fee structure generally tied to the value of a client’s assets. That fee, in theory, keeps investors’ interests aligned with their clients’.

Hackers are also leaning on RIAs—but not for help with their portfolios.

Ryan Quirk, founder and managing director of risk mitigation firm Sparrow Risk Group, has observed what he called a “marked increase” in sophisticated email-based social engineering attacks targeting both RIAs and their supporting vendors.

Smaller RIAs lack the budget, expertise, and resources of bigger outfits that can afford enterprise-level security, according to Quirk.

“There is a unique rise in the risk to those RIAs and family offices that these larger firms are able to mitigate due to the fact that they have these large cybersecurity divisions that they’re paying millions of dollars for,” Quirk told us. “These RIAs don’t have the capability to afford that.”

Why RIAs have been a target for cybercriminals.—BH

It’s a new data world in New England.

Maine’s new data center law, which passed the state legislature on April 14 and is headed to Gov. Janet Mills for approval, would suspend building large data centers until November 2027, allowing for a state analysis of potential environmental and energy impacts.

Big time. That analysis, focused on centers with a load equal to or exceeding 20 megawatts, will be the responsibility of the Maine Data Center Coordination Council; legislation sponsor state Rep. Melanie Sachs, a Democrat, told IT Brew that the group will include members from the public and private sectors.

“We need to have this conversation all together,” Sachs said. “That’s the point of the bill.”

In an email to IT Brew, Sachs added that currently there are no plans for data centers of that size in the state. The only project currently in development, a LiquidCool Solutions center at the former Loring Air Force Base in Limestone, is “able to move forward within the 20-mw limit,” Sachs wrote.

So, what happens next?—EH

While construction professionals are trying to build, cyberattackers are doing their best to sneak onto the job site—or at least the accompanying IT infrastructure.

The construction industry—a patchwork of partners and contractors, each with varying security controls—gives threat actors multiple options for compromises. For instance:

• An annual report from the Identity Theft Resource Center (ITRC) revealed cyberattacks against the construction industry held steady in 2025. The ITRC calculated 119 total compromises in the US last year—up from 105 in 2024 and 71 in 2023.
• Dragos, in its review of cybersecurity incidents in Q3 2025, called construction “the top manufacturing subsector impacted by ransomware.”
• Cybersecurity company Check Point Software Technologies reviewed cyberattacks in February 2026 and found 1,898 weekly global cyberattacks on average—an increase of over one-third compared to the previous year’s amount.

What’s leading to an increase in hardhat hackers?—BH

CollabWORK connects you to the hidden job market through IT Brew and other trusted channels. Browse roles curated specifically for this community by clicking through to the job board.

• Chief Technology Officer CTO - Financial Services at Ceres FTS
• Network Engineer at JT4
• IT Support at Health Advocates Network
• Chief Compliance & Information Security Officer at LendSwift
• IT Project Manager at Stefanini, Inc