Hack attack or cyberspionage

Celent will help qualify your requirements and introduce you to the vendor
Spotted a missing vendor? Use this form to alert a vendor to the Celent service
Create a vendor selection project & run comparison reports
Register to access this feature
Click to express your interest in this report
Indication of coverage against your requirements
Vendor requires PRO subscription to activate this feature
Requires research subscription, contact Celent for more info
5 June 2015
Brad Bailey
As I started writing this blog, yet another major hack has occurred; data for about four million US Federal employees (over 1% of the overall US population) was stolen--in what is certainly a criminal act, and potentially an act of "cyberspionage", if not an act of 21st century warfare. It is interesting to consider whether we are actually in the beginning of a new cold war, as state actors attack, both commercial and government organizations to harass. Is the purpose criminal, to utilize major data sets for criminal gain, or to learn more about one’s enemy? To bring the focus to the financial services vertical, it is clear that ever increasing vigilance is required to defend the banking perimeter, but what needs to be done on the capital market side? The threats of theft of money, theft of confidential information, and the loss of reputational are shared by every industry, and capital market participants are no different. Moreover, there are additional concerns that are specific to the capital markets, which include:
  • Control loss at an execution venue
  • Spoofing attacks that create false liquidity or deter liquidity
  • Wealth destroying false news
  • Central depositories & clearing houses data attacks
To meet these myriad concerns, the challenge is talent. I do not think we have enough former NSA employees and hackers that want to come to the good side to meet the demand required. The solution for cyber protection of the capital markets will come from a number of directions: greater cross industry efforts to share insights and knowledge about known intrusion vectors; greater development of big data tools to overlay simple rules based approaches—given the incredible amount of false positives for intrusion, and hence the natural inclination to begin ignoring data; increased focus on holistic risk assessment encompassing internal and external resources; working closely with infrastructure and telecom/data providers to monitor traffic across networks; development of AI tools that help market participants stay a step ahead of the dark side, allowing robust technology defences that can respond. Please see these recent Celent reports for more information:

Insight details

Content Type
Blogs
Location
Asia-Pacific, EMEA, LATAM, North America