The Walls Really Do Have Ears
The awful inevitability of cyberattack—and how the threats are only growing
This is, in no small part, due to the fact that the bad guys are so varied. Criminal gangs use cyberattacks to siphon and extort money from the populace, the digital equivalent of a knife-point mugging in a New York alleyway. Meanwhile the more advanced, organized elements have figured out ways to infiltrate the world’s payment systems, and nation states are linked with attacks that have brought down hospitals, nuclear bunkers and infrastructure.
Recently, I was sat behind two very senior, very experienced cybersecurity specialists—one who had spent his career in government, one in finance—waiting for a conference panel to start.
“People just want a problem to solve, especially in finance, and it’s hard to tell them that this is not a problem that can be just solved,” said one to the other. “Especially when it comes to nation states, when you have 40,000 people sitting on keyboards against you. No private-sector entity can stop a state-sponsored hack.”
Most conversations with cybersecurity specialists tend to come back to this central point, which is that you simply can’t avoid cyberattacks, and that they are going to happen at some point. Preventative measures are important, but it’s almost impossible to guard against every threat vector. Likening it to close protection of public figures, a former Federal Bureau of Investigation cyber agent once told me: “If somebody wants to shoot the US president, they will. The difference is that they’re going to get shot, too, but you can’t stop a fanatic.”
Then it becomes an issue of getting in the way of the bullet, so to speak, and minimising the damage.
The problem with cybersecurity these days is that there may not be a Lee Harvey Oswald sitting in a sixth-floor window, waiting to take his shot. Rather, the threat sits on USB sticks and fitness bands, in kitchens and even in the very plumbing of a building. Bring your own device used to make information security officers think that employees were carrying ticking bombs in their pockets, via their BlackBerrys and iPhones. Now they’re putting them on their desks through the Internet of Things (IoT).
Waters reporter Emilia David has a fascinating feature on IoT and cybersecurity coming out next week, so keep your eyes peeled for that. But with the latest rash of attacks through WannaCry affecting hospitals, and most recently, car plants, there is a general sense of unease that a sophisticated attack might infect exchanges, brokers or—heavens forbid—clearing houses and spread like wildfire through the financial system.
As such, serious questions might need to be asked about what’s being brought into a firm’s systems, and how those threats can be mitigated. Quantifying the benefits of this is important. Cyber risk has been creeping towards the top of the business agenda for a while, but there is still a sense among many firms I speak to that it’s a hard sell. Why spend millions on cyber defense when it’s not going to generate returns on that investment?
Finding a way to measure that benefit in dollars and cents, before the true cost of a cyberattack hits home, would seem to be a key challenge.
This week on Buy-Side Technology:
- Phones, excel spreadsheets and cut-and-paste axe lists transmitted through Bloomberg messages. No, we’re not back in the Nineties, we’re talking about the European credit repo market, which at least one industry group thinks is ripe for technology to come and do its thing. Oddly enough, though, it kinds of works as it is.
- The Markets in Financial Instruments Directive (Mifid II) continues to extend its reach across trading firms, and Eze Software Group is the latest to lay claim to solving the unbundling crisis through the launch of its new platform. This one’s in the cloud.
- If you think cyber risk is scary, wait until you hear about artificial intelligence. Alright, drone-camera footage of mall parking lots isn’t the stuff of nightmares, but Anthony Malakian has a nice piece here on how machine learning and similar techniques may be a new arms race among the more technologically minded shops.
- Meanwhile, IHS Markit and Deloitte have partnered for… wait for it… Mifid II. This one’s around client communications.
- Startup Quantave also wants to put some good old-fashioned regulatory wrappers around the Wild West of the digital currencies market, given the problematic scenario at present where exchanges tend to be venues, custodians and often brokers in one. I’m actually keen to speak further on the topic of digital currencies becoming an institutional-grade asset class, so if anyone has any thoughts, get in touch. You can shoot me an email on james.rundle@incisivemedia.com or call me on 646-490-3974.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: http://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@waterstechnology.com
More on Emerging Technologies
The Waters Cooler: Tidings of comfort and joy
Christmas is almost upon us. Have you been naughty or nice?
FactSet launches conversational AI for increased productivity
FactSet is set to release a generative AI search agent across its platform in early 2025.
Waters Wavelength Ep. 295: Vision57’s Steve Grob
Steve Grob joins the podcast to discuss all things interoperability, AI, and the future of the OMS.
S&P debuts GenAI ‘Document Intelligence’ for Capital IQ
The new tool provides summaries of lengthy text-based documents such as filings and earnings transcripts and allows users to query the documents with a ChatGPT-style interface.
The Waters Cooler: Are times really a-changin?
New thinking around buy-build? Changing tides in after-hours trading? Trump is back? Lots to get to.
A tech revolution in an old-school industry: FX
FX is in a state of transition, as asset managers and financial firms explore modernizing their operating processes. But manual processes persist. MillTechFX’s Eric Huttman makes the case for doubling down on new technology and embracing automation to increase operational efficiency in FX.
Waters Wavelength Ep. 294: Grasshopper’s James Leong
James Leong, CEO of Grasshopper, a proprietary trading firm based in Singapore, joins to discuss market reforms.
The Waters Cooler: Big Tech, big fines, big tunes
Amazon stumbles on genAI, Google gets fined more money than ever, and Eliot weighs in on the best James Bond film debate.