Options Panelists: Algos are the New Hope — and Target — in Cyber Wars
Tracking network behavior patterns is the latest priority as IP becomes a target.

The panel — which featured a pair of two chief technologists and two additional experts in the area — covered many of the subjects hit on in Waters' full issue on the topic in April, and featured no shortage of strange realities, as well.
Firms are now sending their staff on business with 'burner' phones and laptops, rather than scrub them later. A few funds have dumped passwords entirely in lieu of swipe cards for workstation access. Nearly half of firms still don't have a proper patching program at all, according to one study. And even chief compliance officers are being caught up in phishing campaign simulations.
The old, nagging issues are still there, in other words.
But above all, the takeaways were two, and both come under the banner of newly-developed sophistication in the space.
Targeting Algos
They're not doing this for notoriety anymore; they're doing this for financial gain, and whether aiming for a trading advantage or something else, it's the IP that's valuable. - Todd Ferguson, Raymond James Financial
On the hacker side, the latest theme becoming more prevalent is the "zero-day" attack, which can operate on a firm's network without leaving any timestamp at all — essentially proving undetectable to commodity software used today.
Partly as a result of this, hackers have upped their game and two new threat vectors are emerging with respect to trading systems' code, according to Daniel Romanelli at consultancy Delta Risk LLC.
"In the last year we've seen an automated trading firm in equities being slowed down by milliseconds, occasionally, over the course of three months," he said. "Usually when that happens, your first step isn't to ask security about it; you go to your quants and developers instead, but in this case they had been hacked and were actually being traded against during those times. Other cases that have also come out around pure theft of intellectual property, stealing code for resale. It's tough to quantify the extent of this, because unlike other cyber-related activities [through FS-ISAC and other industry bodies] most firms aren't exactly announcing this to the press."
It's a significant change, as Todd Ferguson, vice president for information security engineering at Tampa, Fl.-based Raymond James Financial, put it. "They're not doing this for notoriety anymore; they're doing this for financial gain, and whether aiming for a trading advantage or something else, it's the IP that's valuable."
Containerization, Patterns
On the defensive side, Robert Cornish, chief information officer at International Securities Exchange (ISE), did note some positive news: that new entrants are developing better behavioral algorithmic tools to complement changes in cyber strategy.
"New tech companies are coming to market and grabbing share quickly from traditional technologies, with systems that model your network environment, and leverage pattern-recognition algorithms to identify differences in the way your network behaves," he said. "These go along with increased use of operating systems, a few from Linux for example, that are read-only and new technology around containerization like Docker, which uses the minimal amount of additional software to run an application, minimizing the attack vector.
Going forward, Paul Chew, from PricewaterhouseCoopers, also pointed out the benefit of these elements in dealing with extended end-points and an impending regulatory mandate, as well.
"You need tools to monitor actors that are reaching out to IP addresses on your network that aren't typical, to create a response profile to those and account for what they're rescanning," he said. "They're also important for protection of new end-points and third-party systems. That's a key element in Regulation SCI, but the most important thing is to speed things up in terms of reacting during the time from Victim Zero to Victim One. That compromise is usually within 24 hours, so the need to get this right is imperative."
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: https://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@waterstechnology.com
More on Emerging Technologies
BlueMatrix acquires FactSet’s RMS Partners platform
This is the third acquisition BlueMatrix has made this year.
Waters Wavelength Ep. 331: Cresting Wave’s Bill Murphy
Bill Murphy, Blackstone’s former CTO, joins to discuss that much-discussed MIT study on AI projects failing and factors executives should consider as the technology continues to evolves.
FactSet adds MarketAxess CP+ data, LSEG files dismissal, BNY’s new AI lab, and more
The Waters Cooler: Synthetic data for LLM training, Dora confusion, GenAI’s ‘blind spots,’ and our 9/11 remembrance in this week’s news roundup.
Chief investment officers persist with GenAI tools despite ‘blind spots’
Trading heads from JP Morgan, UBS, and M&G Investments explained why their firms were bullish on GenAI, even as “replicability and reproducibility” challenges persist.
Wall Street hesitates on synthetic data as AI push gathers steam
Deutsche Bank and JP Morgan have differing opinions on the use of synthetic data to train LLMs.
A Q&A with H2O’s tech chief on reducing GenAI noise
Timothée Consigny says the key to GenAI experimentation rests in leveraging the expertise of portfolio managers “to curate smaller and more relevant datasets.”
Etrading wins UK bond tape, R3 debuts new lab, TNS buys Radianz, and more
The Waters Cooler: The Swiss release an LLM, overnight trading strays further from reach, and the private markets frenzy continues in this week’s news roundup.
AI fails for many reasons but succeeds for few
Firms hoping to achieve ROI on their AI efforts must focus on data, partnerships, and scale—but a fundamental roadblock remains.