Wall Street & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Infrastructure

09:30 PM
Seth Payne, Skytap, & Danial Faizullabhoy, NUARI
Seth Payne, Skytap, & Danial Faizullabhoy, NUARI
Commentary
50%
50%

Does Cloud Computing Make The Capital Markets More Secure?

Recent simulated tests have shown that cloud-based systems can make critical tests more realistic and include more industry participants.

Securing capital markets, which have become almost wholly dependent on technology, is in the national interest of every developed country. Disruptions to the market can cause serious problems for world economies and have a devastating impact on individual countries and their citizens—take for example hurricane Sandy that resulted in a two-day market shutdown even with extensive backup solutions and emergency preparedness planning in place. And a more recent NASDAQ IT glitch that shut down the exchange for several hours on August 22.

Seth Payne, Skytap
Seth Payne, Skytap
Danial Faizullabhoy, NUARI
Danial Faizullabhoy, NUARI

While technology enables and drives capital markets, it also represents one of the market’s biggest vulnerabilities. As such, it is essential that all market participants be prepared for any number of market disruptions including cyber-attacks and other catastrophic events.

In the past, individual brokers, exchanges, and other market participants ran vulnerability tests and simulations for their own organizations. While these firm- or agency-specific tests are absolutely essential, they fail to provide a picture of how the market, as a whole, would respond to specific malicious activity. The need for market-wide assessments of attack readiness have become vitally important as market participants, as well as the global markets, become increasingly interdependent.

In July of this year, the Norwich University Applied Research Institutes (NUARI) teamed up with key players in the US financial sector to simulate a range of cyber-attacks and events that could potentially impact not only individual market participants, but also the market as a whole. 500 individual participants took part in the simulation. The event was called Quantum Dawn 2 and received considerable coverage in popular media.

Simulation participants represented exchanges, broker-dealers, banks, SEC, Treasury, Department of Homeland Security, and others. 

In order to create a realistic experience for participants, NUARI designed and deployed an isolated simulation system that allowed participants to react to market disruptions caused by a wide range of attacks and events. Individual participants accessed the NUARI system from their own locations, in part, to assess their organization’s response to cyber-attacks and the policies surrounding IT security.

The NUARI system is an incredibly realistic simulator of equity market dynamics. Participants were able to respond to market changes just as they would during a real-world attack or catastrophic event.

Given the large number of participants in the simulation, NUARI faced two significant challenges. First was the challenge of granting application access to participants at disparate locations. It was essential that participants all be within the closed-loop simulation in order to keep the exercise as realistic as possible. Second was the challenge of giving access to participants at firms who, naturally, have extremely tight IT security policies.

The use of virtual desktops allowed for tight control of the simulation environment, thus eliminating the need to support disparate and diverse systems. The use of virtual desktops, and the ease with which these desktops could be shared, enabled broad participation in the Quantum Dawn 2 simulation ensuring that both the exercise itself and the various responses to simulated attacks was as realistic and meaningful as possible.

Cloud computing has vastly improved our ability to rapidly create complex computing environments and collaborate with others quickly, safely, and effectively -- and Quantum Dawn 2 is proof that cloud computing is a solid resource in supporting the security of capital markets.

About The Authors : Seth Payne is a senior product manager at Skytap, an enterprise cloud computing provider, where he's responsible for defining cloud computing capabilities for enterprises. Prior to Skytap, Payne spent several years working on Wall Street in technology at both Gravitas and the New York Stock Exchange.

Danial Faizullabhoy, senior advisor, NUARI

Danial Faizullabhoy is a senior advisor to NUARI and most recently was the President and CEO of BroadLogic. He has over 20 years of venture capital investment, management, technical and marketing experience, specializing in the software and communications industries.

More Commentary
A Wild Ride Comes to an End
Covering the financial services technology space for the past 15 years has been a thrilling ride with many ups as downs.
The End of an Era: Farewell to an Icon
After more than two decades of writing for Wall Street & Technology, I am leaving the media brand. It's time to reflect on our mutual history and the road ahead.
Beyond Bitcoin: Why Counterparty Has Won Support From Overstock's Chairman
The combined excitement over the currency and the Blockchain has kept the market capitalization above $4 billion for more than a year. This has attracted both imitators and innovators.
Asset Managers Set Sights on Defragmenting Back-Office Data
Defragmenting back-office data and technology will be a top focus for asset managers in 2015.
4 Mobile Security Predictions for 2015
As we look ahead, mobility is the perfect breeding ground for attacks in 2015.
More
Register for Wall Street & Technology Newsletters
Video
All Videos
Slideshows
7 Unusual Behaviors That Indicate Security Breaches
7 Unusual Behaviors That Indicate Security Breaches
Breaches create outliers. Identifying anomalous activity can help keep firms in compliance and out of the headlines.
More Slideshows