Scratch under the surface of just about any capital markets firm and it’s a safe bet that at some point it will have been the victim of some form of cyber-attack or security breach, irrespective of whether the details of the incident are a matter of public record or not. The previous winners of this category—first introduced to the Buy-Side Technology Awards in 2015—have been security specialists, but now more traditional trading technology vendors have upped their game. This year’s winner of best buy-side cyber-security platform, FIS, is a prime example of this trend, currently offering its cyber-security tools to over 700 hosted clients on its Investment Operations suite, having rolled out the service to 45 existing clients and onboarded 90 new buy-side firms over the course of the last year.
From run-of-the-mill hackers to nation states seeking to create chaos across the financial markets, the threat of cyber-attacks has escalated to the point where it has become a number one priority for buy-side firms. Asset managers are now making increased demands for built-in security tools for the front office, particularly for those organizations that do not have the resources to invest in a separate security platform to protect their existing trading technologies. FIS has moved to respond to these demands by building out the suite’s security framework and technology foundation.
FIS operates a three-line security defense model for its Investment Operations suite, based on prevention at network, host, application and data levels, detection with egress monitoring, security-event monitoring and threat intelligence, response through incident management, distributed denial of service (DDOS) protection and business-continuity planning. The firm provides over 470 pieces of “collateral,” including system and organization controls (SOCs) reports that assist users in conducting vendor risk management processes, going beyond industry standards. Last year, FIS assessed over 4,700 risk scenarios across 114 categories, and implemented 250 risk system enhancements that meant one in four security issues could be self-identified by users.
This year, FIS furthered its cybersecurity capabilities through the launch of the Cyber Fusion Center (CFC), a dedicated security facility that brings together the firm’s information security teams to work with greater speed and coordinated agility, which the vendor claims has helped reduce its incident response time by 95 percent. Running 24/7/365, CFC supports real-time monitoring and correlation of over 100,000 threat intelligence indicators to allow for real-time incident response.
Anthony and James spoke with some sources about the big acquisition of Charles River by State Street, and right now, there are more questions than answers.Subscribe to Weekly Wrap emails