In light of the WikiLeaks event, safeguarding financial networks that carry proprietary data and connect with trading venues and internal applications should be top of mind.
In the same way that WikiLeaks released classified State Department cables sent to foreign governments, financial services firms are also vulnerable to security breaches, ranging from external sources such as hackers and viruses to internal threats from former employees. Could a disgruntled trading executive unleash a virus that infects and corrupts the firm’s data or even take down the network? Anything is possible. Take rogue trader Jerome Kerviel, who nearly brought down SocGen when the French bank lost $6.7 billion from unwinding his unauthorized trades. Kerviel exploited his old back-office passwords to hack his way into the bank’s trading systems.
One approach is to take preventive action. In fact, one bank recently banned the usage of cell phones on its trading floor, and we’ve heard that another plugged up the USB ports on its PCs. But blocking access to modern means of communication may not be a permanent solution. Security experts inside companies deploy various kinds of technologies to prevent and detect security breaches. But according to John Linkous, chief security and compliance officer at eIQNetworks, firms need to use a platform that consolidates all the data they are collecting.
“Today organizations have different tools. The problem is these tools don’t talk to each other. So these organizations are keeping themselves open to the same potential attacks,” says Linkous, whose company provides a product called SecureVue, which is considered a Unified Situational Awareness platform.
“Firms need to see all the different types of events, log-ins, configuration changes, network traffic and performance data,” explains Linkous in an interview with Advanced Trading. “They need to correlate all that together. That is the new norm of cybersecurity,” says Linkous. They also need complete visibility into their security data.
This morning, eIQNetworks announced ForensicVue as a new component within SecureVue version 3.5. Acting like a Google search engine for security data, it can provide security analysts with the ability to search every piece of security-related data on the network. The user can ask the tool to “show me all the unauthorized file changes on a system,” or “show me all the unusual performance metrics,” such as when a CPU is operating at 100 percent of capacity, according to Linkous. It also provides “automatic categorization” of all the event-based data. The tool can save common search tasks, for instance, failed log-ins for the past 30 days. In its press release, eIQNetworks claims that ForensicVue can get to the root cause of an incident 60 percent faster than any other product on the market.
With the focus on low-latency trading, trading firms are taking steps to detect security violations to limit damage. A major brokerage firm recently signed up for SecureVue to protect its internal corporate networks, with plans to expand it to its trading network. When the system is fully deployed, it will be supporting over one million events per second, notes Linkous. A New York-based exchange has also installed the software on its matching engine. Because financial customers don’t like to talk about technology they use for security, Linkous can’t reveal their names.
Ivy is Editor-at-Large for Advanced Trading and Wall Street & Technology. Ivy is responsible for writing in-depth feature articles, daily blogs and news articles with a focus on automated trading in the capital markets.