Insights · Research · 17 July 2026

The Obsidian Helm UHNW Cyber Exposure Index

A single ultra-high-net-worth household now spans four distinct digital attack surfaces — personal and family-office accounts, the smart estate, the superyacht, the private aircraft. This index synthesizes the publicly-referenced risk data across all four into one citable reference, with sources and an honest methodology note.

Abstract gold data-visualization rings connecting four glowing nodes on a dark background, representing the Obsidian Helm UHNW Cyber Exposure Index across family-office, estate, yacht and aviation risk

Ultra-high-net-worth households no longer have one digital attack surface. They have at least four: the personal and family-office accounts that hold identity and capital; the smart estate that runs the residence; the superyacht, increasingly a small enterprise network afloat; and the private aircraft, whose connected systems now rival the ground office in complexity. Published research exists on each of these surfaces individually. What has not existed, until now, is a single reference that puts the numbers next to one another.

The Obsidian Helm UHNW Cyber Exposure Index is that reference: a synthesis of publicly-referenced risk data, organized across the four practice areas that make up a modern principal's digital footprint, built specifically to be short, sourced and quotable. It is designed for journalists, researchers, family-office risk committees and advisors who need a citable figure rather than a sales page. Attribution guidance is at the end.

1. Personal and family-office exposure

The clearest published picture of UHNW cyber risk comes from family-office surveys. Forty-three percent of family offices reported a cyberattack within a recent twenty-four-month window, and the rate rises with size — sixty-two percent among offices managing over one billion dollars in assets. Phishing was present in the large majority of incidents. Despite that exposure, only eight percent of family offices use an external provider for daily security monitoring, and data tied to identifiable UHNW individuals has been observed trading at up to three times the price of standard financial data on dark-web markets — a premium that reflects how usable that data is for fraud, extortion and impersonation.

43%
of family offices attacked in a 24-month window
62%
attack rate for offices managing over $1 billion
dark-web price premium for UHNW data vs. standard data
8%
of family offices use an external security provider daily

AI has sharpened the sharpest edge of this category: impersonation. A documented case saw a finance employee wire twenty-five million dollars after a video call in which every participant, including the CFO, was an AI-generated deepfake. Family offices are aware of the shift — eighty-three percent report concern about deepfake fraud — but only sixty percent believe their own people could reliably catch one. That twenty-three-point confidence gap is, in practical terms, where the money leaves.

2. The smart-estate attack surface

The residence itself has become a networked target. Connected homes now face an average of twenty-nine attack attempts per day in 2025, part of a broader surge that saw over 2.5 billion IoT malware attacks recorded globally the same year. Roughly thirty percent of high-net-worth individuals report at least one suspected device-compromise incident, and a meaningful share of breached personal-email accounts are found to carry a forwarding rule the owner never noticed — a quiet, persistent leak rather than a single dramatic breach. Estate systems — lighting, gates, CCTV, climate, AV — are typically installed once, at build, and rarely revisited, which is precisely the profile of infrastructure that accumulates unpatched risk over years.

3. Superyacht networks

A modern superyacht routinely converges five separate operational domains — bridge, monitoring, AV, lighting and security — onto a single IP backbone, often installed and left largely unmanaged between refits. Roughly 150,000 vessels now carry satellite connectivity of the kind that also exposes them to the same categories of compromise as a shore-based network, and structural factors specific to a vessel — a steel hull can attenuate signal strength by more than seventy percent compared with open air — mean owners and captains are often troubleshooting connectivity problems without the visibility to distinguish a physical obstruction from an actual security event. The yacht is, in practice, the least-monitored network many UHNW families own.

4. Private aviation

Private aviation carries its own documented exposure. Security researchers have identified more than four hundred lookalike private-jet and charter-fraud domains built to impersonate operators and brokers, and global GNSS interference — jamming and spoofing of the satellite navigation signals aircraft depend on — rose steadily through 2024 and 2025, prompting formal warnings from business-aviation and pilot associations to regulators. Separately, fixed-base operators and ground handlers hold sensitive passenger, crew and itinerary data in systems that were rarely built to the standard the underlying data deserves — and a leak from any single handler on a family's regular route can expose a movement pattern more precise than the family itself would ever disclose.

2.5B+
IoT malware attacks recorded globally in 2025
400+
lookalike private-jet and charter-fraud domains identified
5
vessel domains typically converged on one yacht IP backbone
15B+
stolen credentials estimated in circulation underground

Ten data points, for citation

  1. 43% of family offices suffered a cyberattack within a 24-month window.
  2. 62% of family offices managing over $1 billion in assets report an attack.
  3. Only 8% of family offices use an external provider for daily security monitoring.
  4. UHNW-linked personal data has traded at up to 3× the price of standard financial data on dark-web markets.
  5. 83% of family offices report concern about deepfake fraud; only 60% believe their staff could reliably detect one.
  6. A documented deepfake video-call impersonation resulted in a $25 million fraudulent wire transfer.
  7. Connected homes faced an average of 29 attack attempts per day in 2025.
  8. Global IoT malware attacks exceeded 2.5 billion in 2025.
  9. Superyachts typically converge five operational domains — bridge, monitoring, AV, lighting, security — onto a single IP backbone.
  10. More than 400 lookalike private-jet and charter-fraud domains have been identified impersonating operators and brokers.

Methodology and a note of honesty

This index is a synthesis, not a proprietary survey. It draws on publicly available research — industry surveys of family offices, published security research into IoT and smart-home threats, maritime connectivity and cybersecurity studies, aviation-security and GNSS-interference reporting from industry bodies — alongside patterns Obsidian Helm has observed across its own engagements with principals, family offices, yacht owners and flight departments. It does not claim a specific proprietary sample size or a single unified survey instrument, and figures are cited to their originating category of research rather than presented as one homogeneous dataset. Where a number reflects an industry-wide study rather than an Obsidian Helm-conducted survey, that is stated plainly in the text above. We revisit and update this index as new published research becomes available.

The purpose of gathering these figures in one place is not persuasion. It is orientation — giving a family office risk committee, a journalist covering UHNW security, or a principal's own advisor a single page that puts personal, estate, maritime and aviation exposure into proportion with one another, sourced honestly enough to be relied upon.

How to cite this index

Journalists, researchers and advisors are welcome to cite figures from this index with attribution to the Obsidian Helm UHNW Cyber Exposure Index, linked to this page. For sourcing detail behind any individual figure, or to discuss a specific data point on the record under NDA where appropriate, the office can be reached directly and will respond in confidence.

For the fuller threat picture behind the family-office figures in this index, see AI-Era Cybersecurity for Family Offices & UHNW Principals. For the dark-web pricing and monitoring detail referenced above, see Dark Web Monitoring: What the Market Knows About Your Family. The practice that acts on all of this sits within Personal Cybersecurity.

Discuss a Figure, or Request Your Own Exposure Review

Journalists and researchers may contact the office directly for sourcing detail behind any figure in this index. Principals and family offices can request a private version of this assessment — scoped to their own accounts, estate, yacht and aircraft — beginning with a $4,999 Private Strategy Session, conducted remotely under NDA.

Request Your Invitation

Frequently asked

What is the Obsidian Helm UHNW Cyber Exposure Index?

A synthesis of publicly-referenced risk data across the four digital surfaces of a modern UHNW household — personal and family-office accounts, the smart estate, the superyacht, and the private aircraft — brought together in one citable reference with sources and an honest methodology note.

Is this based on a proprietary Obsidian Helm survey?

No, and we say so directly. The index synthesizes third-party published research — family-office surveys, IoT and smart-home security studies, maritime and aviation security reporting — alongside patterns observed across Obsidian Helm's own engagements. It is not presented as a single proprietary study with a stated sample size.

Can journalists and researchers cite this index?

Yes. Figures may be cited with attribution to the Obsidian Helm UHNW Cyber Exposure Index, linked to this page. For sourcing detail behind a specific figure, the office can be contacted directly and will respond in confidence.

How often is the index updated?

It is revisited as new published research becomes available across the four practice areas it covers. Because it synthesizes external research rather than running on a fixed survey cycle, updates are made when the underlying data materially changes rather than on a set calendar.

Can a family or family office get a private version of this assessment?

Yes. The published index is general; a private engagement scopes the same categories — personal and family-office accounts, estate, yacht, aircraft — to a specific family's actual footprint. That begins with a $4,999 Private Strategy Session, conducted remotely under NDA and credited in full toward membership.

By Invitation Only

The office answers.
The rest is silence.

Tell us, in confidence, what keeps you up. We reply privately, under NDA.

Request Your Invitation
Replies under NDA · Strictly Confidential