The Next Hacking Frontier: Private Clouds
Before the Labor Day long-weekend, I would like to conduct some fear mongering. Should I talk about the 9.1 percent unemployment rate? Nope. How about a double-dip recession? Nah. Bank of America going belly-up? No thank you.
Rather, let's talk about security, and more specifically, let's talk about the security ─ or lack thereof ─ in the private clouds you techies have been building.
Yesterday, I met with John Linkous, the chief security and compliance officer of eIQnetworks, an Acton, Massachusetts-based security vendor. While there have been several high-profile cases of public clouds being hacked, private clouds on Wall Street have remained ─ as far as I know ─ unaffected.
When I asked Linkous if he expected this trend to continue for the foreseeable future, he gave me a yes-and-no response. Basically, right now there is no reason for the hacking community to set its sights on Wall Street, because there isn't a Fabergé egg to be found, he says.
Even those cutting-edge hedge funds that have been developing internal cloud solutions haven't been keen on putting important information into those environments. But when you consider the leaps and bounds that have been made toward getting the buy side to be comfortable with the cloud, it's only a matter of time until the industry starts to put sensitive information into such environments.
Linkous used Microsoft's operating system as an example to illustrate his point. Back in 2000, Microsoft dominated the OS scene. Thus, there was more incentive for hackers to find the cracks in Windows. But as Microsoft has lost marketshare to the likes of Apple, it has created greater incentive for the attacking community to turn its attention on Apple's OS.
"I think that there will be a tipping point when enough critical data gets out there that's worth hacking," Linkous says. "Vendors haven't fully addressed those security concerns yet, and there's going to be a plateau when those attacks go like crazy and vendors will be forced to implement appropriate security controls. At the end of the day, what drives business? Security or functionality? It's functionality every time ─ security is an afterthought."
While Linkous has a dog in this fight, there's plenty of reason to believe what he's saying. If elite hackers can tap into the Department of Defense, surely they can get into a $2 billion hedge fund's private cloud.
So please take this thought with you into the three-day weekend: You are not nearly as secure as you think you are.
Have a great Labor Day!
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: https://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@waterstechnology.com
More on Trading Tech
Robeco tests credit tool built in Bloomberg’s Python platform
This follows the asset manager’s participation in Bloomberg’s Code Crunch hackathon in Singapore, alongside other firms including LGT Investment Bank and university students.
FCA eyes equities tape, OpenAI and Capco team up, prediction markets gain steam, and more
The Waters Cooler: More tokenization, Ediphy lawsuit updates, Rimes teams up with Databricks, and more in this week’s news roundup.
Buy-side data heads push being on ‘right side’ of GenAI
Data heads at Man Group and Systematica Investments explain how GenAI has transformed the quant research process.
Technology alone is not enough for Europe’s T+1 push
Testing will be a key component of a successful implementation. However, the respective taskforces have yet to release more details on the testing schedules.
MayStreet founder says LSEG abandoned integration in new court filing
In response to LSEG’s motion to dismiss a lawsuit filed by the founder of one of its acquired companies, lawyers for Patrick Flannery have offered more details around communications between MayStreet and the exchange group.
As outages spread, it’s time to rethink how we view infrastructure technology
Waters Wrap: First AWS and then Azure. And these are only the most recent of significant outages. Anthony says a change is needed when it comes to calculating server migrations.
LLM firms come for finance, BMLL gets bought, LSEG users get Preqin feeds, and more
The Waters Cooler: Tradeweb completes fully electronic RFM swaptions trade, IBM cashes in on digital asset mania, and more frights and delights in this week’s news roundup.
TMX’s CEO wonders if tokenization is a ‘solution looking for a problem’
While acknowledging the potential of tokenizing securities, John McKenzie said regulators shouldn’t move too fast, and let customer demand drive adoption.
