Wall Street & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Infrastructure

03:57 PM
Ivy Schmerken
Ivy Schmerken
Commentary
Connect Directly
Facebook
Google+
Twitter
RSS
E-Mail
50%
50%

Securing Your Trading Network

Cybersecurity is top of mind at financial firms, which are vulnerable to rogue traders, hackers and other forms of unauthorized access.

In light of the WikiLeak event, safeguarding financial networks that carry proprietary data and connect with trading venues and internal applications should be top of mind.

In the same way, that WikiLeaks released classified state department cables sent to foreign governments, financial services firms are also vulnerable to security breaches, ranging from external sources such as hackers and viruses to internal threats from former employees. Could a disgruntled trading executive unleash a virus that infects and corrupts the firm’s data or even take down the network? Anything is possible. Take rogue trader Jerome Kerviel who nearly brought down SocGen, when the French bank lost $6.7 billion from unwinding his unauthorized trades. Kerviel exploited his old back-office passwords to hack his way into the bank’s trading systems.

One approach is to take preventive action. In fact, one bank recently banned the usage of cell phones on its trading floor, and we’ve heard that another plugged up the USB ports on its PCs. But blocking access to modern means of communication may not be a permanent solution. Security experts inside companies deploy various kinds of technologies to prevent and detect security breaches. But according to John Kinkous, chief security and compliance officer at eIQNetworks, firms need to use a platform that consolidates all the data they are collecting.

“Today organizations have different tools. The problem is these tools don’t talk to each other. So these organizations are keeping themselves open to the same potential attacks,” says Linkous whose company provides a product called SecureVue, which is considered a Unified Situational Awareness platform.

“Firms need to see all the different types of events, log-ins, configuration changes, network traffic and performance data,” explains Linkous in an interview with Advanced Trading. “They need to correlate all that together. That is the new norm of cybersecurity,” says Linkous. They also need complete visibility into their security data.

This morning, eIQNetworks announced ForensicVue as a new component within SecureVue version 3.5. Acting like a Google search engine for security data, it can provide security analysts with the ability to search every piece of security-related data on the network. The user can ask the tool, “to show me all the unauthorized file changes on a system,” or “show me all the unusual performance metrics such as when a CPU is operating at 100 percent of capacity, according to Linkous. It also provides “automatic categorization’’ of all the event-based data. The tool can save common search tasks, for instance, failed log-ins for the past 30 days. In its press release, eIQNetworks claims that ForensicVue can get to the root cause of an incident 60 percent faster than any other product on the market.

With the focus on low latency trading, trading firms are taking steps to detect security violations to limit damage. A major brokerage firm recently signed up for SecureVue to protect its internal corporate networks with plans to expand it to its trading network. When the system is fully deployed, it will be supporting over one million events per second, notes Linkous. A New York-based exchange has also installed the software on its matching engine. Because financial customers don’t like to talk about technology they use for security, Linkous can’t reveal their names.

Ivy is Editor-at-Large for Advanced Trading and Wall Street & Technology. Ivy is responsible for writing in-depth feature articles, daily blogs and news articles with a focus on automated trading in the capital markets. As an industry expert, Ivy has reported on a myriad ... View Full Bio
More Commentary
A Wild Ride Comes to an End
Covering the financial services technology space for the past 15 years has been a thrilling ride with many ups as downs.
The End of an Era: Farewell to an Icon
After more than two decades of writing for Wall Street & Technology, I am leaving the media brand. It's time to reflect on our mutual history and the road ahead.
Beyond Bitcoin: Why Counterparty Has Won Support From Overstock's Chairman
The combined excitement over the currency and the Blockchain has kept the market capitalization above $4 billion for more than a year. This has attracted both imitators and innovators.
Asset Managers Set Sights on Defragmenting Back-Office Data
Defragmenting back-office data and technology will be a top focus for asset managers in 2015.
4 Mobile Security Predictions for 2015
As we look ahead, mobility is the perfect breeding ground for attacks in 2015.
Register for Wall Street & Technology Newsletters
Video
7 Unusual Behaviors That Indicate Security Breaches
7 Unusual Behaviors That Indicate Security Breaches
Breaches create outliers. Identifying anomalous activity can help keep firms in compliance and out of the headlines.