High Time for Cybercrime
For me, 2013 has pretty much been the year of the cybercriminal, in that every month I've written about, or had discussions on, something to do with cybercrime. It's a big phrase, and it's not entirely fleshed out yet, but recently it seems as if the financial services industry, or more accurately, the financial-markets side, is doing something about it.
You'd be forgiven for thinking otherwise, though. From my experiences as a reporter trying to cover the story, nobody wants to talk about it. Most major exchanges reply with "I don't think we want to be discussing that, James", and most banks say "We don't want to draw attention to ourselves." Presumably because they're comfortable with a bank's natural under-the-radar profile. But the discussions are going on, as are the attacks, and the penetrations, and the activity we don't hear about in the mainstream press.
But, the sense of forward motion is building. The World Federation of Exchanges (WFE) announced the formation of a cybersecurity committee last week, featuring most of the big names of the global exchange landscape, and headed up by Nasdaq's CISO─or chief information security officer. Further simulations akin to Global Dawn II, held by the Securities Industry and Financial Markets Association earlier this year, have been employed with success.
Public Image
The theft of money through cyberattack is one thing, but at the end of the day, money can be replaced. Reputation is something much harder to quantify in dollars and cents, and in the new era of online, the security and integrity of an institution (therefore an individual's money) is probably the overriding contributor to that reputation. Confidence is king, and damaging confidence damages the institution, and in a wider sense, the real economy and political world as well.
So, therefore, cybercrime will naturally become a matter for regulation, probably in the not-too-distant future. Those regulations, I'm told, will be minimum standards though, and firms will be expected to go above and beyond that, and essentially do whatever it takes to keep their systems secure.
The World Federation of Exchanges (WFE) announced the formation of a cybersecurity committee last week, featuring most of the big names of the global exchange landscape, and headed up by Nasdaq's CISO.
It's a good thing, then, that the industry is getting together and collaborating on best practice. But no defense, particularly in the cyber arena, can be fool proof. As one ex-FBI cyber agent told me a few months ago (in a more dramatic metaphor than this): if somebody wants to do something, they'll do it. There will always be a ladder tall enough to get over the wall, or an insider disgruntled enough to leave the drawbridge down and the portcullis up.
Taking this in mind, mitigation becomes crucially important, if total prevention is impossible. But it's such an overwhelmingly complex topic area that it's hard for many institutions to adequately put protections in place. Cybercrime can be taught from a legal perspective, but from a practical perspective, it's impossible to keep up to speed with the latest threat vectors, delivery mechanisms, and assault methodology in a classroom. For the financial services industry, tough times are ahead.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: http://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@waterstechnology.com
More on Data Management
How a consolidated tape could address bond liquidity fragmentation
Chris Murphy, CEO of Ediphy, writes that the biggest goal of a fixed-income tape should be the aggregation of, and democratized access to, market data.
Tech VC funding: It’s not just about the money
The IMD Wrap: It’s been a busy year for tech and data companies seeking cash to kick-start new efforts. Max details how some are putting the fun into fundraising.
BNY uses proprietary data store to connect disparate applications
Internally built ODS is the “bedrock” upon which BNY plans to become more than just a custodian bank.
Waters Wavelength Ep. 296: Questions about data quality
It’s all about the data, data, data.
The AI boom proves a boon for chief data officers
Voice of the CDO: As trading firms incorporate AI and large language models into their investment workflows, there’s a growing realization among firms that their data governance structures are riddled with holes. Enter the chief data officer.
FactSet launches conversational AI for increased productivity
FactSet is set to release a generative AI search agent across its platform in early 2025.
If M&A picks up, who’s on the auction block?
Waters Wrap: With projections that mergers and acquisitions are geared to pick back up in 2025, Anthony reads the tea leaves of 25 of this year’s deals to predict which vendors might be most valuable.
ICE Connect adds data integration capabilities for proprietary data
Intercontinental Exchange’s desktop platform is collaborating with CloudQuant to allow customers to integrate in-house data and analytics with the datasets found on its ICE Connect platform.