Protecting financial markets from cyber threats
With cyber-attacks growing, firms need to be able to exchange information with their counter parties securely and compliantly.
In the global financial markets sector, security is an ever-growing concern.
Financial institutions and market infrastructure providers are susceptible to high cybersecurity risks, which are arguably greater now than ever given the increasingly complex architecture around how firms interconnect with each other. The rapid growth in mobile and digital channels, growing usage of the cloud and the increasing electronification of global markets, all present potential infiltration opportunities for bad actors. And firms face not only financial exposure in the event of successful cyberattacks, but also significant reputational risk, as well as substantial penalties from regulators increasingly focused on cybersecurity as a pillar of operational resilience.
Since the onset of the pandemic, firms have rushed to enable remote access to critical trading and support systems for staff working from home, which has created a greater demand for cloud-based services and more flexible ways to interconnect, particularly for traders and other staff who need to connect remotely.
All of this has placed a greater emphasis on network security. In the past, firms simply relied on private connections between their own offices, data centres and those of their counterparties, but today there is a much greater reliance on internet connectivity and the cloud. This has in turn led to an increasingly complex environment, with firms having to connect to more locations, in new (and potentially less secure) ways.
So, what are the challenges associated with financial markets interconnectivity? And how can those challenges be addressed?
Financial institutions face a wide range of cybersecurity threats, including (but not limited to) web application scripting, software vulnerabilities, use of stolen login & encryption key credentials, Distributed Denial of Service (DDOS) attacks, malware, ransomware and phishing. In fact, according to data from the International Organization of Securities Commissions (IOSCO) and the World Federation of Exchanges (WFE), more than half of the world’s securities exchanges encountered cyberattacks last year.
A global clearing and settlement organisation, for example, needs highly secure and reliable access to post-trade clearing and settlement services, while ensuring compliance with trade reporting obligations and maximising cost effectiveness for the business and its clients. High levels of encryption are needed to ensure that the organisation is not compromised by cybersecurity threats, particularly when users are accessing the environment via the cloud.
Without this kind of protection in place, such firms can suffer from potential manipulation not only of clearing and settlement platforms., but also order and execution management systems, and even trade surveillance systems, which can be similarly compromised.
With the growing adoption of mobile and cloud-based applications, the danger of such attacks continues to grow. To minimise these threats, financial markets firms and their technology partners need to be able to operate within a secure, closed community that offers end-to-end security and encryption between all endpoints, including public, private and hybrid cloud destinations. It is therefore essential for such organisations to have highly reliable and secure connectivity with guaranteed levels of service availability, which can carry both encrypted and non-encrypted services over a single infrastructure.
In situations demanding a high level of security, BT Radianz Encryption enables firms to exchange information with their counterparties using a secure and confidential channel to provide an enhanced level of data security for applications that demand it. It also helps to reduce risk and complies with regulatory data protection requirements without the hassle and cost of maintaining an in-house solution.
Find out more about BT Radianz Encryption by getting in touch with your account manager.