Wall Street & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


09:35 AM
Greg MacSweeney
Greg MacSweeney
Connect Directly

Mobile: Data Security's New Frontier

As clients increasingly expect to be able to trade, transfer funds and do almost anything else they can do on a PC from their mobile devices, Wall Street technology executives must figure out how to protect data outside the enterprise.

Data security certainly isn't a new concern for financial services firms. Security always ranks near the top of priorities for CIOs, CTOs, CSOs and CROs. The data security landscape, however, is changing at an accelerating pace, and the stakes are higher than ever before.

Since the beginning of 2011, there have been more than 598,000 personal financial records exposed to potential fraud in 58 separate incidents involving financial services companies, according to the Privacy Rights Clearinghouse. While the total number of incidents and exposed records is down substantially from the 12.3 million records that were exposed by 604 breaches in 2010, the complexity of the attacks and the amount of money that has been lost is staggering.

Data-Centric Security Offers Best Defense Against Cyber ThreatsThe toll from cyber attacks continues to climb. Data-centric security offers the best defense against advanced persistent threats, argues Voltage Security's Mark Bower.

For instance, in one attack against Fidelity National Information Services, a global provider of banking and payments technologies, millions of dollars literally went missing overnight. A group of criminals obtained 22 legitimate ATM cards and then duplicated and altered them so an unlimited amount of cash could be withdrawn with each. The cards were promptly shipped overseas, and a total of $13 million was withdrawn over just 24 hours. This one incident highlights how damaging a data breach can be. In addition to the direct monetary loss, other costs — such as customer churn, reputation damage and regulatory fines — add to the costs.

Other incidents, while not leading to direct monetary losses, can be just as damaging. Nasdaq's Director Desk, a cloud-based system designed to facilitate boardroom-level communications for 10,000 senior executives and company directors, was hacked last year; the criminals may have had access to insider information, which they could have sold or used to make profitable stock trades.

[Check out the Top 9 Most Costly Financial Services Data Breaches.

While the types of data breaches are numerous, there is some good news: The average cost of data breaches has dropped by 24 percent, according to a study from the Ponemon Institute. This could partially be attributed to better security and an improved ability for firms to respond quickly to a breach. But, while the cost of a single breach might be on the decline, the rate of malicious attacks from malware, insider threats and phishing attacks increased by 31 percent, says the study.

Couple the growing complexity of attacks with users' demands for greater access to data, and technology executives have their hands full. Not only do firms have to protect data from traditional hacks and insider threats, they also have to protect data that is going outside of their own firewalls. Internal users, including traders, portfolio managers and business executives, as well as external customers increasingly are demanding mobile access to proprietary data on tablets and smartphones.

The demand for greater access to data will not slow any time soon — users increasingly will expect to be able to trade, transfer funds and do almost anything else they can do on a PC from their mobile device. Firms that can't offer mobile functionality because of security limitations will be at a serious disadvantage to competitors that can.

[To read more about How To Protect Wall Street Employees' Mobile Devices From Cyber Attacks, see related story.]

Greg MacSweeney is editorial director of InformationWeek Financial Services, whose brands include Wall Street & Technology, Bank Systems & Technology, Advanced Trading, and Insurance & Technology. View Full Bio
More Commentary
A Wild Ride Comes to an End
Covering the financial services technology space for the past 15 years has been a thrilling ride with many ups as downs.
The End of an Era: Farewell to an Icon
After more than two decades of writing for Wall Street & Technology, I am leaving the media brand. It's time to reflect on our mutual history and the road ahead.
Beyond Bitcoin: Why Counterparty Has Won Support From Overstock's Chairman
The combined excitement over the currency and the Blockchain has kept the market capitalization above $4 billion for more than a year. This has attracted both imitators and innovators.
Asset Managers Set Sights on Defragmenting Back-Office Data
Defragmenting back-office data and technology will be a top focus for asset managers in 2015.
4 Mobile Security Predictions for 2015
As we look ahead, mobility is the perfect breeding ground for attacks in 2015.
Register for Wall Street & Technology Newsletters