A Change in the Wind: Trading Firms More Willing to Discuss Cyber Tactics
firms are more willing to talk about cyber security to gain knowledge.
I had a pretty good idea on December 8 last year that cyber security was going to be a big deal for capital markets firms in the New Year.
That day, we held our annual Waters USA conference, which brings together CIOs and CTOs from across the industry, both buy and sell side. I was responsible for chairing the opening C-Level panel, prior to which, we-the four CIOs and I-debated, during a conference call, the topics we should focus on during the planned 45-minute panel discussion. When the topic of cyber security came up, everybody was onboard, while at the event itself, several panels focused on cyber-related topics.
This is a departure from years past. My contacts had never wanted to delve into security-at least not in a public forum-because they were worried that they might inadvertently taunt hackers to take aim at their firm (consider the environment during the Occupy Wall Street movement), or because they felt that they didn't know enough about it to talk on the subject.
This has changed as the headlines being made, and the questions coming from board members and investors, alike, are more prevalent. Vulnerabilities like Heartbleed and Shellshock are now front-page events that demand attention.
As one CIO told me, "You can't have clients calling in and asking if our defenses are tight and have them go, ‘What do you mean?' You have to prepare talking points and ensure that the call center is ready to take those calls. It's more of a PR event. That's the phenomenon that has changed in recent years-if something comes out and it hits the press, it goes into another dimension of priority."
The VP of sales doesn't give a damn that I have to do these patches. As far as they're concerned, their projects are ‘light switches' and the light had better go on when they ask for something.
All Is Not Lost
It's easy to take on something of a nihilistic view point when it comes to defending one's environment against hackers. Take, for example, a distributed denial of service (DDoS) attack. Sure, the hackers aren't targeting information-rather, they'll shut down websites and prevent people from transacting online-although, as one security expert explained to me, DDoS attacks are often used to divert attention from a back-door infiltration. Essentially, the DDoS attack is like a boxer's jab-it's used to distract you and keep you off balance so that you don't see the cross coming before it lands on your chin. How do you stop something like that?
The good thing, though, is that there are not territorial fights that exist nowadays when it comes to security. If the security group says that XYZ changes need to be made, there won't be much push back.
But, as I alluded to in my feature on patching on page 30, the IT team can feel like it's being pulled in all directions. Every week, the business side of the company wants more enhancements on their systems, and their clients don't want to hear that they have to wait on an upgrade because they're busy testing a patch.
Technology and operations always have to run their own back-ups, upgrades and apply patches. Sometimes they require extensive, time-consuming testing, depending on how virulent the potential harm could be. That can lead to IT having to tell the business or clients that those changes they had promised a week ago are going to have to be pushed back. Such mission-critical tasks go all the way to the CEO, and when you're in IT, you don't want the CEO poking around in the dungeon.
As one executive told me, there's just never enough time. And as hackers have become more sophisticated, time has become an increasingly valuable commodity.
"Time is a killer," the executive explained. "There just isn't enough time to get all the changes into the environment that clients want and that IT wants. The VP of sales doesn't give a damn that I have to do these patches. As far as they're concerned, their projects are ‘light switches' and the light had better go on when they ask for something."
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: http://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@waterstechnology.com
More on Emerging Technologies
An AI-first approach to model risk management
Firms must define their AI risk appetite before trying to manage or model it, says Christophe Rougeaux
Waters Wavelength Ep. 297: How to talk to the media
This week, Tony and Wei-Shen discuss the dos and don’ts for sources interacting with the media.
The Waters Cooler: Tidings of comfort and joy
Christmas is almost upon us. Have you been naughty or nice?
FactSet launches conversational AI for increased productivity
FactSet is set to release a generative AI search agent across its platform in early 2025.
Waters Wavelength Ep. 295: Vision57’s Steve Grob
Steve Grob joins the podcast to discuss all things interoperability, AI, and the future of the OMS.
S&P debuts GenAI ‘Document Intelligence’ for Capital IQ
The new tool provides summaries of lengthy text-based documents such as filings and earnings transcripts and allows users to query the documents with a ChatGPT-style interface.
The Waters Cooler: Are times really a-changin?
New thinking around buy-build? Changing tides in after-hours trading? Trump is back? Lots to get to.
A tech revolution in an old-school industry: FX
FX is in a state of transition, as asset managers and financial firms explore modernizing their operating processes. But manual processes persist. MillTechFX’s Eric Huttman makes the case for doubling down on new technology and embracing automation to increase operational efficiency in FX.