James Rundle: Dark Alleys
“Imagine you’re in a bad neighborhood, walking through a dark alleyway at three in the morning,” says one representative from a major US financial utility, speaking to me during a recent visit to London. “You’ll be a lot more aware of your surroundings than you would be in a city center during your lunch hour,” he says. “When it comes to cyberspace, most people involved in security tend to assume that it’s all dark alleys.”
Cybercrime has been at the top of the news agenda for several years now, in particular the mass-organized distributed denial of service (DDoS) attacks orchestrated by so-called “hacktivist” groups or movements like Anonymous. Outside of a political protest, though, DDoS and similar attacks have a serious undertone, and attacks against banks are worth millions of dollars to criminals every year.
Former White House cyber security advisor Richard Clarke, in formulating a manageable yet apt description conveying the threats that companies and governments face from the cyber arena, came up with the acronym CHEW—crime, hacktivists, espionage and war.
Extant Threats
For capital markets-focused institutions, it’s the last three letters of the acronym that really matter. Retail operations are susceptible to the crime element, but securities dealers, clearing houses, depositories and investment banks, given the complexity of the organizations, are likely to face a more sophisticated form of opponent. The designation of several well-known US bodies by the government as Systemically Important Financial Institutions (SIFIs) adds further weight to the level of preparation that needs to be undertaken by sell-side firms, giving a national security impetus rather than simple preservation of integrity.
From the technology perspective, it’s a tough challenge. Segregated systems, redundancy, back-ups, off-site datacenters and other tools have been used for years, but the introduction of new points of egress continue to introduce risks. Take mobile devices, for instance. While remote wiping is an effective way of controlling device proliferation, a determined intruder with a plan in mind potentially gains access through the back door to systems through a stolen device. Likewise, the internal threat from disgruntled employees, or—in the case of espionage and war—planted agents, becomes particularly difficult to defend against.
Cyber risk is rapidly becoming one of the key challenges in the modern era. And executives appear to be listening.
Taking Threats Seriously
The industry is taking this seriously, however, with a high degree of information-sharing between institutions, and the build-out of various systems to analyze, detect and act on threats. All of this is in the process of being fine-tuned, particularly as government regulations develop alongside the evolution of technology. One problem, as those familiar with compliance systems will empathize with, is the generation of alerts for possible intrusion or attack, and coping without drowning in false positives and erroneous determinations. The person I spoke to this month says his institution typically has hundreds of alerts in alarmingly short time frames, although he declines to say exactly how many.
Outside Focus
It is perhaps a sign of the times we live in that the stuff of cyberpunk and science fiction is a reality—or at least, is rapidly becoming one. While market risk, credit risk, operational risk, the greeks, and everything else related to trading and risk management, are intrinsic to the effective running of an investment operation, cyber risk is rapidly becoming one of the key challenges in the modern era. And executives appear to be listening. The person I spoke to likens explaining cyber security to business leaders, as a car’s seat belts—you never fully appreciate them until you’ve been in a car crash. Now, he says, the educational aspect is accomplished, and it’s the solution process that’s in full swing.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: http://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@waterstechnology.com
More on Emerging Technologies
Nasdaq reshuffles tech divisions post-Adenza
Adenza is now fully integrated into the exchange operator’s ecosystem, bringing opportunities for new business and a fresh perspective on how fintech fits into its strategy.
Liquidnet sees electronic future for gray bond trading
TP Icap’s gray market bond trading unit has more than doubled transactions in the first quarter of 2024.
Verafin launches genAI copilot for fincrime investigators
Features include document summarization and improved research tools.
Waters Wrap: Open source and storm clouds on the horizon
Regulators and politicians in America and Europe are increasingly concerned about AI—and, by extension, open-source development. Anthony says there are real reasons for concern.
Waters Wavelength Podcast: Broadridge’s Joseph Lo on GPTs
Joseph Lo, head of enterprise platforms at Broadridge, joins the podcast to discuss AI tools.
Man Group CTO eyes ‘significant impact’ for genAI across the fund
Man Group’s Gary Collier discussed the potential merits of and use cases for generative AI across the business at an event in London hosted by Bloomberg.
BNY Mellon deploys Nvidia DGX SuperPOD, identifies hundreds of AI use cases
BNY Mellon says it is the first bank to deploy Nvidia’s AI datacenter infrastructure, as it joins an increasing number of Wall Street firms that are embracing AI technologies.
This Week: Linedata acquires DreamQuark, Tradeweb, Rimes, Genesis, and more
A summary of some of the latest financial technology news.
Most read
- Chris Edmonds takes the reins at ICE Fixed Income and Data Services
- Deutsche Börse democratizes data with Marketplace offering
- Waters Wavelength Podcast: Broadridge’s Joseph Lo on GPTs