Graham Ahearne, Corvil Director, Security Product Management, said that the advanced, persistent threat landscape in cyber security poses an enormous risk to global financial markets, and that cyber resilience in these markets can be built through standards, collaboration and AI-powered automation.
These remarks were made on the sidelines of the FIX Trading Community Annual EMEA Conference, enlisted to address how financial markets can mitigate cyber risk.
While most financial institutions have robust information security solutions and programmes in place, outmaneuvering today’s advanced cyber attackers, who have industrialised their tactics, techniques and procedures, remains one of the biggest operating challenges.
Industry associations such as the FIX Trading Community are playing a key role in spearheading standards to mitigate risks. January 2018 saw the release of the FIX-over-TLS (FIXS) standard and guidelines to help users of the FIX protocol meet security requirements. FIXS is part of a larger programme of work that the FIX Trading Community initiated in response to the cybersecurity challenge.
Trading environments tend to be optimized for one thing: speed. Nowhere else in the world is data moving this fast, in such large volumes, with so much economic value at stake. Performance and speed are paramount, and trading networks do not want additional overhead to weigh them down, which makes adding traditional security systems challenging. Mr. Ahearne says:
There is also a perception, because they are typically segmented from the rest of the enterprise IT infrastructure, that trading environments are safer than others. With more than 80% of breaches stemming from accidental mishaps or malicious insiders, these environments can become compromised.
While in a normal attack hackers may need to steal data or install ransomware, in financial markets they only need to slightly tweak an algorithm or impair the performance of the network overall. Electronic trading networks are heavily automated, but they play such a huge role in the stock market at large that a rogue trading algorithm could do significant damage.
Whether dealing with nation-state attackers, criminals, hacktivists, or simply careless employees, CISOs in financial markets have now taken on the unique role of an independent risk monitor watchdog. Corvil believes AI-powered automation and advanced analytics will also play a big role in the way forward.
Optimal cyber security needs to understand the content of communications, as well as patterns and types of communication. Different, anomalous and malicious content along the same communication paths, tendencies, and applications may still constitute a breach. The only way to govern the proper function of algorithms is by watching over the machines themselves – not just what they are doing, but what they are actually saying to each other.