A Change in the Wind: Trading Firms More Willing to Discuss Cyber Tactics
firms are more willing to talk about cyber security to gain knowledge.

I had a pretty good idea on December 8 last year that cyber security was going to be a big deal for capital markets firms in the New Year.
That day, we held our annual Waters USA conference, which brings together CIOs and CTOs from across the industry, both buy and sell side. I was responsible for chairing the opening C-Level panel, prior to which, we-the four CIOs and I-debated, during a conference call, the topics we should focus on during the planned 45-minute panel discussion. When the topic of cyber security came up, everybody was onboard, while at the event itself, several panels focused on cyber-related topics.
This is a departure from years past. My contacts had never wanted to delve into security-at least not in a public forum-because they were worried that they might inadvertently taunt hackers to take aim at their firm (consider the environment during the Occupy Wall Street movement), or because they felt that they didn't know enough about it to talk on the subject.
This has changed as the headlines being made, and the questions coming from board members and investors, alike, are more prevalent. Vulnerabilities like Heartbleed and Shellshock are now front-page events that demand attention.
As one CIO told me, "You can't have clients calling in and asking if our defenses are tight and have them go, ‘What do you mean?' You have to prepare talking points and ensure that the call center is ready to take those calls. It's more of a PR event. That's the phenomenon that has changed in recent years-if something comes out and it hits the press, it goes into another dimension of priority."
The VP of sales doesn't give a damn that I have to do these patches. As far as they're concerned, their projects are ‘light switches' and the light had better go on when they ask for something.
All Is Not Lost
It's easy to take on something of a nihilistic view point when it comes to defending one's environment against hackers. Take, for example, a distributed denial of service (DDoS) attack. Sure, the hackers aren't targeting information-rather, they'll shut down websites and prevent people from transacting online-although, as one security expert explained to me, DDoS attacks are often used to divert attention from a back-door infiltration. Essentially, the DDoS attack is like a boxer's jab-it's used to distract you and keep you off balance so that you don't see the cross coming before it lands on your chin. How do you stop something like that?
The good thing, though, is that there are not territorial fights that exist nowadays when it comes to security. If the security group says that XYZ changes need to be made, there won't be much push back.
But, as I alluded to in my feature on patching on page 30, the IT team can feel like it's being pulled in all directions. Every week, the business side of the company wants more enhancements on their systems, and their clients don't want to hear that they have to wait on an upgrade because they're busy testing a patch.
Technology and operations always have to run their own back-ups, upgrades and apply patches. Sometimes they require extensive, time-consuming testing, depending on how virulent the potential harm could be. That can lead to IT having to tell the business or clients that those changes they had promised a week ago are going to have to be pushed back. Such mission-critical tasks go all the way to the CEO, and when you're in IT, you don't want the CEO poking around in the dungeon.
As one executive told me, there's just never enough time. And as hackers have become more sophisticated, time has become an increasingly valuable commodity.
"Time is a killer," the executive explained. "There just isn't enough time to get all the changes into the environment that clients want and that IT wants. The VP of sales doesn't give a damn that I have to do these patches. As far as they're concerned, their projects are ‘light switches' and the light had better go on when they ask for something."
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: http://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@waterstechnology.com
More on Emerging Technologies
Millennium Management enlists Google for building custom tech solutions
Google Cloud’s capital markets director Rohit Bhat details the cloud giant’s buy-side strategy.
AI model uses quantum math to learn like a human
Could the next big breakthrough in machine learning come from the world of finance?
The IMD Wrap: Dining on data, from pay-as-you-go to all-you-can-eat
Max puts on his best Anthony Bourdain voice to reminisce about seminal sushi experiences, and to look forward to the future, where perhaps the industry will also adopt more consumption-based approaches to market data (and hopefully more sushi).
Tick History – Query: Looking back to the future
The advantages of cloud-based services is well documented, from reduced upfront and ongoing operating and infrastructure costs to improved time-to-market for new services and datasets. Here, Tim Anderson, LSEG explains how the benefits of the service…
This Week: Nasdaq; Symphony/Google; Interop.io and more
A summary of the latest financial technology news.
Using genAI for post-trade processing could reduce failures, fines
Shortening settlement times are pressuring firms to do more, faster. IBM’s Soren Mortensen argues that genAI and ML can help eliminate errors and speed up post-trade processes.
Interop tech buys time for buy-side fixed-income traders
A few buy-side traders and portfolio managers spearheading a drive for greater interoperability are reaping the rewards of increased workplace efficiency. Is interoperability the fixed-income panacea the buy side has been looking for?
UK pushes financial firms to adopt privacy-enhancing technologies
Lawmakers and vendors are set to usher in an era of mutualized data insights. Are banks ready?