Thesys CAT LLC, the processor and developer of the Consolidated Audit Trail (CAT) system, took a major step forward in the development of the delayed initiative today, with the appointment of Vas Rajan as its top information security chief.
Rajan, the former chief information security officer (CISO) and business continuity officer of CLS Bank, officially moves into the role of Thesys CAT’s CISO on March 1. He will report directly to the company’s president, Andre Frank. Prior to CLS, Rajan was the head of security for ING Direct USA.
As CISO for the CAT, Rajan will be responsible for validating and authorizing security in the system as well as executing cybersecurity programs after the CAT goes live. He will also be partnering with CISOs from self-regulatory organizations (SROs) to ensure security standards across the CAT system.
Mike Beller, chief executive officer of Thesys CAT parent firm Thesys Technologies, said in a statement that Rajan is highly capable of meeting the security challenges offered by such a large database.
“Security has been at the forefront of our design and strategy for the CAT system from the beginning, and one important key to success is ensuring there is a well-rounded leader to oversee all the security aspects of the CAT, both before it goes live, and once its operational,” Beller said in a statement. “We are pleased that, together with the SROs, we have found an exceptionally talented candidate like Vas, who is highly capable of securing the system and working with the multiple stakeholders within CAT to deliver best in class security practices.”
Thesys CAT worked with the CAT NMS (national market system) plan committee—consisting of SROs—to find a CISO.
The CAT was supposed to go live on November 15 but it was delayed amid a variety of issues, including the lack of a CISO. Thesys CAT chief compliance officer Shane Swanson previously told WatersTechnology that the team decided a CISO needs to be in place to review security measures before the system is rolled out.
Thesys says the CAT is secure and uses National Institute of Standards and Technology cybersecurity standards, but it was still imperative under the CAT NMS plan for a CISO to validate security measures.
Security has been a concern for the CAT as it will potentially house personally identifiable information, particularly after the Securities and Exchange Commission revealed its company filing system was hacked in 2016. Lawmakers from the House Financial Services Committee drilled Thesys and the SROs on the system’s security during several committee hearings in 2017.
The founder and CEO of Imperative Execution looks at how trade execution is changing and what that means for the buy side.Subscribe to Weekly Wrap emails