HASI is a climate-focused investment firm headquartered in Annapolis, Maryland, that finances sustainable infrastructure projects across the clean energy and energy transition sectors. Founded in 1981, the firm manages more than $16 billion in assets and has closed more than 1,300 investments. Its portfolio spans renewable natural gas, energy efficiency, and broader sustainable infrastructure, with an estimated annual CO2e avoidance of approximately 10 million metric tons.
For cybersecurity professionals, HASI presents the threat surface of a financial institution operating at the intersection of critical infrastructure and capital markets. The attack model covers protecting deal pipeline data, investor records, and sensitive financial systems alongside the operational technology (OT) environments tied to energy assets the firm finances. Security teams would need to manage risk across IT/OT boundaries as the firm's portfolio includes physical infrastructure projects - rng facilities, solar installations, efficiency retrofits - that increasingly connect back to corporate networks.
The firm's scale - a multi-billion-dollar managed portfolio with over a thousand closed deals - means substantial volumes of confidential transaction data, M&A-sensitive information, and regulatory filings that require robust access controls, encryption, and compliance frameworks. Energy sector targeting by state-sponsored actors and financially motivated threat groups adds context to the stakes. No specific technical domains or tooling details are publicly disclosed.