Security

09:35 AM
Greg MacSweeney
Greg MacSweeney
Commentary
Connect Directly
Facebook
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Mobile: Data Security's New Frontier

As clients increasingly expect to be able to trade, transfer funds and do almost anything else they can do on a PC from their mobile devices, Wall Street technology executives must figure out how to protect data outside the enterprise.

Data security certainly isn't a new concern for financial services firms. Security always ranks near the top of priorities for CIOs, CTOs, CSOs and CROs. The data security landscape, however, is changing at an accelerating pace, and the stakes are higher than ever before.

Since the beginning of 2011, there have been more than 598,000 personal financial records exposed to potential fraud in 58 separate incidents involving financial services companies, according to the Privacy Rights Clearinghouse. While the total number of incidents and exposed records is down substantially from the 12.3 million records that were exposed by 604 breaches in 2010, the complexity of the attacks and the amount of money that has been lost is staggering.


Data-Centric Security Offers Best Defense Against Cyber ThreatsThe toll from cyber attacks continues to climb. Data-centric security offers the best defense against advanced persistent threats, argues Voltage Security's Mark Bower.

For instance, in one attack against Fidelity National Information Services, a global provider of banking and payments technologies, millions of dollars literally went missing overnight. A group of criminals obtained 22 legitimate ATM cards and then duplicated and altered them so an unlimited amount of cash could be withdrawn with each. The cards were promptly shipped overseas, and a total of $13 million was withdrawn over just 24 hours. This one incident highlights how damaging a data breach can be. In addition to the direct monetary loss, other costs — such as customer churn, reputation damage and regulatory fines — add to the costs.

Other incidents, while not leading to direct monetary losses, can be just as damaging. Nasdaq's Director Desk, a cloud-based system designed to facilitate boardroom-level communications for 10,000 senior executives and company directors, was hacked last year; the criminals may have had access to insider information, which they could have sold or used to make profitable stock trades.

[Check out the Top 9 Most Costly Financial Services Data Breaches.

While the types of data breaches are numerous, there is some good news: The average cost of data breaches has dropped by 24 percent, according to a study from the Ponemon Institute. This could partially be attributed to better security and an improved ability for firms to respond quickly to a breach. But, while the cost of a single breach might be on the decline, the rate of malicious attacks from malware, insider threats and phishing attacks increased by 31 percent, says the study.

Couple the growing complexity of attacks with users' demands for greater access to data, and technology executives have their hands full. Not only do firms have to protect data from traditional hacks and insider threats, they also have to protect data that is going outside of their own firewalls. Internal users, including traders, portfolio managers and business executives, as well as external customers increasingly are demanding mobile access to proprietary data on tablets and smartphones.

The demand for greater access to data will not slow any time soon — users increasingly will expect to be able to trade, transfer funds and do almost anything else they can do on a PC from their mobile device. Firms that can't offer mobile functionality because of security limitations will be at a serious disadvantage to competitors that can.

[To read more about How To Protect Wall Street Employees' Mobile Devices From Cyber Attacks, see related story.]

Greg MacSweeney is editorial director of InformationWeek Financial Services, whose brands include Wall Street & Technology, Bank Systems & Technology, Advanced Trading, and Insurance & Technology. View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
speedo1456
50%
50%
speedo1456,
User Rank: Apprentice
7/13/2014 | 9:57:03 PM
Windows phone security
I am convinced that the security and Windows phones are much more advanced.
More Commentary
OptionsCity To Launch Customizable Trading Experience
The Metro Now platform breaks tools down into downloadable build or buy widgets for faster deployment and a more customized trading style.
US T+2: All Thatís Left Is the Execution
T+2 settlement is right around the corner for the US. What will it take to get from where the industry is now to implementation?
Is There a Watson in Your Financial Future?
How artificial intelligence might affect financial services.
Survey Shows an Urgency to Automate the Back Office
Confluence reports numbers are trending up across the board when discussing the need to automate back-office processes.
7 Pillars of Market Surveillance 2.0
Compliance officers are facing flash crashes, insider trading, market manipulation, and more. Here are seven market surveillance and risk management steps that will help compliance officers sleep better at night.
Register for Wall Street & Technology Newsletters
White Papers
Current Issue
Wall Street & Technology - Elite 8, October 2014
The in-depth profiles of this year's Elite 8 honorees focus on leadership, talent recruitment, big data, analytics, mobile, and more.
Video