Cyber's Delphic Dilemma

Sometimes, I have an uncanny ability to predict the future.

Earlier this week, we saw some news that an influential buy-side foursome would join the Plato Project in London, which is collaborating on a new proprietary trading platform.

At the time, I made a half-baked, and totally horrendous joke to my colleague Anthony Malakian about how Socrates must feel about the whole thing. But here we are, with one of the oldest philosophical quandaries from Ancient Greece, scribbled on the Temple of Delphi — and often attributed to Socrates, though it's probably actually much older — leading a BST editor's letter.

Cyber Overload

'Know Thyself'. That is how Dillman Capital's CIO, Philip Chou, put it this week to conclude a discussion on the newest troubles with managing cyber risk. It's amazing how an adage so old could apply to something so comparatively new.

And it's also fair to say that from sifting through intelligence, correlating data points around threat detection, and then sharing information (and perhaps, during crisis situations, even personnel) across the industry, there is a lot to do in order to get there. 

As was pointed out in an article last week by Dan DeFrancesco, how weird is it that where it comes to cyber, more information and horror stories being passed around is actually a good thing? It's a cultural sea change, in fact, given how tight-lipped firms used to be about these issues just a few short years ago. 

It sounds as if this is born out of necessity, however. We all know about the recent attacks and how awareness has increased. The heat is on. Anecdotally, though, the intelligence problem — one might even venture to say a big data problem, at this point — is a sticky one for two technical reasons.

First of all, for all the media attention of attacks after they happen, good forward-looking intelligence about daily threats still seems hard to wrangle. Thankfully, it does seem a number of startups, iSight and Zscaler among others, have been doing good work to bridge that gap in very different ways, with serious buy-side firms — Blackstone and Oppenheimer respectively — gaining very positive, practical results. Seems like a good start.

False Negatives

The second reason is almost the opposite problem, and probably the more difficult of the two: having too many false negatives, in the tens of thousands every day, to sift through and correlate back across multiple analytics platforms to really get a handle on what's in the system, and what the botnets or malware there might be doing.

It suffices to say that, for investment managers and hedge funds especially, this is like car insurance: about as far from a value-added expenditure as conceivably possible, and yet a serious problem if you get rear-ended without it.

The hitch, really, is that this is about the nature of the internet — and human habits — in 2015, not about size or investment strategy. You can't say this is just a "big firm" problem when every firm's network usage percentage is quickly being gobbled up by internet bandwidth. 70 percent at a startup manager is just the same as 70 percent at Blackstone. Still a huge chunk, in other words, and a reality that many financial services companies haven't quite caught up to.

And some may never bother trying, which should surely worry investors.

We're quite happy to continue covering events in cyber going forward. We'll have more content from OpRisk as well as a number of features relating cyber to the capital markets in the coming week, starting today with an exhaustive study of the rise of the chief information security officer (CISO) role, so stay tuned.