The Devil is in the Data
Imagination dictates a scenario where banks of people, lit by the gently glowing screens of ultra-powerful computers, talk animatedly into headsets while flashing runes on a central terminal relay attack vectors for the cyber-perps. There's probably a general somewhere, too. Either way, the sky above the port is most definitely the color of television, tuned to a dead channel.
I suppose the naming conventions can't be given too much stick, even if they are a little grandiloquent. Events dubbed Moderate Sunrise and Hangover Fish probably wouldn't engender the same muscular urgency among their target audience. But it's a good thing that they're being held. And even more encouragingly, it looks as if banks and financial-market infrastructures are beginning to harden their defenses against digital penetration.
Maginot Lines
Indeed, the Bank of England (BoE) report from the event makes, on the whole, for pretty decent reading. Communication is good, responses are good, technicals are good. All systems go, captain. The problem seems to be more with the exercise itself, in that it needs to more accurately reflect the world's market environment, and possibly not be four hours long next time.
In my reporting on the story last week, I quoted David Porter, head of fraud analytics and SAS UK & Ireland, who had a few interesting things to say about detecting and preventing cyber-attack. Important to the whole piece is an understanding of data, naturally. Further quotes not in the story talked about how an institution may not know that it is under attack until said assault is fully underway, or it's already happened.
That, I think, is the key to understanding cyber prevention. If somebody wanted to rob a bank a century ago, they'd bust in, guns blazing. Or, if they had a degree of intelligence, they might sneak in and take the cash from the safe, and the bank wouldn't be any the wiser until the next morning, when it came to shift money that wasn't there. So, we invented closed-circuit television cameras, laser tripwires for alarm systems, pressure detectors for sensitive areas, and any number of devices aimed at preventing physical intrusion. Most of it relied on a team of security guards who were able to respond to threats as they occurred.
Important to the whole piece is an understanding of data, naturally. Further quotes talked about how an institution may not know that it is under attack until said assault is fully underway, or it's already happened.
Impossible Protection
In the cyberspace arena, we have firewalls and segregated systems, but that's a bit like putting a dozing guard on the door of the vault. He can be bypassed. Over the past few years, we've become more advanced, particularly with distributed computing and fail-over techniques, and in a sense, we've begun to install the cameras and anti-theft technology, just in the digital realm. The only difference is that, without an understanding of networks, system environments and the data that flows through them, we don't have that team of chaps in the control room.
I'm saying ‘we' a lot, but I've neither worked in a bank, nor in cybersecurity. However, the principles are easy to grasp. The devil is in the data, after all.
And besides, the one thing that all of these different periods of time and environments have in common, regardless of how low or high-tech the security might be, is that they all share one, single attack vector that presents a threat greater than a revolver or a botnet.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@waterstechnology.com or view our subscription options here: http://subscriptions.waterstechnology.com/subscribe
You are currently unable to print this content. Please contact info@waterstechnology.com to find out more.
You are currently unable to copy this content. Please contact info@waterstechnology.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@waterstechnology.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@waterstechnology.com
More on Data Management
Waters Wavelength Ep. 296: Questions about data quality
It’s all about the data, data, data.
The AI boom proves a boon for chief data officers
Voice of the CDO: As trading firms incorporate AI and large language models into their investment workflows, there’s a growing realization among firms that their data governance structures are riddled with holes. Enter the chief data officer.
FactSet launches conversational AI for increased productivity
FactSet is set to release a generative AI search agent across its platform in early 2025.
If M&A picks up, who’s on the auction block?
Waters Wrap: With projections that mergers and acquisitions are geared to pick back up in 2025, Anthony reads the tea leaves of 25 of this year’s deals to predict which vendors might be most valuable.
ICE Connect adds data integration capabilities for proprietary data
Intercontinental Exchange’s desktop platform is collaborating with CloudQuant to allow customers to integrate in-house data and analytics with the datasets found on its ICE Connect platform.
MIAX taps DataBP for exchange data licensing, custom contracts
To support planned growth of its data business, the exchange group has implemented DataBP’s platform to strengthen its licensing process and scale up its distribution capabilities in anticipation of end-user demand.
The Waters Cooler: A little crime never hurt nobody
Do you guys remember that 2006 Pitchfork review of Shine On by Jet?
Removal of Chevron spells t-r-o-u-b-l-e for the C-A-T
Citadel Securities and the American Securities Association are suing the SEC to limit the Consolidated Audit Trail, and their case may be aided by the removal of a key piece of the agency’s legislative power earlier this year.