09:35 AM
Greg MacSweeney
Greg MacSweeney
Connect Directly

Mobile: Data Security's New Frontier

As clients increasingly expect to be able to trade, transfer funds and do almost anything else they can do on a PC from their mobile devices, Wall Street technology executives must figure out how to protect data outside the enterprise.

Data security certainly isn't a new concern for financial services firms. Security always ranks near the top of priorities for CIOs, CTOs, CSOs and CROs. The data security landscape, however, is changing at an accelerating pace, and the stakes are higher than ever before.

Since the beginning of 2011, there have been more than 598,000 personal financial records exposed to potential fraud in 58 separate incidents involving financial services companies, according to the Privacy Rights Clearinghouse. While the total number of incidents and exposed records is down substantially from the 12.3 million records that were exposed by 604 breaches in 2010, the complexity of the attacks and the amount of money that has been lost is staggering.

Data-Centric Security Offers Best Defense Against Cyber ThreatsThe toll from cyber attacks continues to climb. Data-centric security offers the best defense against advanced persistent threats, argues Voltage Security's Mark Bower.

For instance, in one attack against Fidelity National Information Services, a global provider of banking and payments technologies, millions of dollars literally went missing overnight. A group of criminals obtained 22 legitimate ATM cards and then duplicated and altered them so an unlimited amount of cash could be withdrawn with each. The cards were promptly shipped overseas, and a total of $13 million was withdrawn over just 24 hours. This one incident highlights how damaging a data breach can be. In addition to the direct monetary loss, other costs — such as customer churn, reputation damage and regulatory fines — add to the costs.

Other incidents, while not leading to direct monetary losses, can be just as damaging. Nasdaq's Director Desk, a cloud-based system designed to facilitate boardroom-level communications for 10,000 senior executives and company directors, was hacked last year; the criminals may have had access to insider information, which they could have sold or used to make profitable stock trades.

[Check out the Top 9 Most Costly Financial Services Data Breaches.

While the types of data breaches are numerous, there is some good news: The average cost of data breaches has dropped by 24 percent, according to a study from the Ponemon Institute. This could partially be attributed to better security and an improved ability for firms to respond quickly to a breach. But, while the cost of a single breach might be on the decline, the rate of malicious attacks from malware, insider threats and phishing attacks increased by 31 percent, says the study.

Couple the growing complexity of attacks with users' demands for greater access to data, and technology executives have their hands full. Not only do firms have to protect data from traditional hacks and insider threats, they also have to protect data that is going outside of their own firewalls. Internal users, including traders, portfolio managers and business executives, as well as external customers increasingly are demanding mobile access to proprietary data on tablets and smartphones.

The demand for greater access to data will not slow any time soon — users increasingly will expect to be able to trade, transfer funds and do almost anything else they can do on a PC from their mobile device. Firms that can't offer mobile functionality because of security limitations will be at a serious disadvantage to competitors that can.

[To read more about How To Protect Wall Street Employees' Mobile Devices From Cyber Attacks, see related story.]

Greg MacSweeney is editorial director of InformationWeek Financial Services, whose brands include Wall Street & Technology, Bank Systems & Technology, Advanced Trading, and Insurance & Technology. View Full Bio
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
7/13/2014 | 9:57:03 PM
Windows phone security
I am convinced that the security and Windows phones are much more advanced.
More Commentary
5 Tips to Save the Wall Street Datacenter
Though cloud computing and SaaS are all the rage, there is still a need for proprietary Wall Street datacenters, as long as they are run efficiently.
Preventive Measures for Post-Interview Anxiety
Most professionals leave interviews thinking that it went well, and then they wait... and wait. The Caring Recruiter has a cure for the typical post-interview trauma.
Leaving Out the Welcome Mat for Financial Services Hackers
Everyone knows the financial services industry is a prime target for hackers. Despite the dangers, many applications have software vulnerabilities that expose real risks.
4 Surprising Ways Firms Think About Data Security Costs
Almost 28% of firms are willing to bear the cost of some financial losses due to cybercrime, because it's less than the cost of upgrading IT systems.
CIO + CFO Doesn’t Equal Mars Vs. Venus
From my decades of experience, CIOs and CFOs have more in common than you may think.
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - July 2014
In addition to regular audits, the SEC will start to scrutinize the cyber-security preparedness of market participants.