Global Exchanges Forge Cyber Security Alliance Against Hackers

global

 

Under siege by hackers, global financial exchanges announced plans on Thursday to team up by forming the industry’s first cyber security commission aimed at protecting global capital markets.

Financial exchanges have giant cyber bull’s eyes on them as they represent an opportunity for financially-motivated hackers and ideologically-driven hacktivists alike.

Disrupting trading on a major exchange like the New York Stock Exchange would mark a major coup for cyber actors. In a recent exercise, “white hat” hackers looking to expose cyber vulnerabilities of the U.S. equity markets were able to directly impact market performance.

Cyber security professionals said the committee announced on Thursday is long overdue.

“It’s late 2013 and I’m surprised they haven’t done this already,” said Skylar Rampersaud, senior security researcher at cyber security firm Immunity. “If someone can really attack one of these exchanges, that’s news. It would be an easy way for a group to get their name out there and show they have an impact.”

The World Federation of Exchanges said the new cyber security committee will identify and communicate global information security best practices in an effort to protect market infrastructures.

Mark Graff, chief information security officer at Nasdaq OMX Group (NDAQ) will serve as the committee’s inaugural chair, while the vice chair will be Jerry Perullo, vice president of information security at IntercontinentalExchange (ICE), which recently completed a buyout of NYSE.

WFE said the founding committee members feature a slew of major exchanges, including the CME Group (CME), NYSE Euronext, the Toronto Stock Exchange, the Australian Securities Exchange, the Depository Trust & Clearing Corp. and the Saudi Stock Exchange.

“I’m proud to be working with an array of some of the brightest information security officers who in the exchange industry around the world,” Graff said in a statement. “We are tasked with a significant goal: to build universal best practices and partner with third-parties to combat systemic cyber abuse to ensure the resiliency and strength of our capital markets.”

WFE said the committee is also tasked with establishing a communication framework “based on mutual trust,” facilitating information sharing and enhancing dialogue with policy makers and regulators.

“People get touchy about sharing their data outside of the enterprise. It’s helpful to have a formal way to do that so that people who are having more success defending against attacks can help others doing the same job in different places,” said Rampersaud.

Earlier this year, the International Organization of Securities Commissions issued a report with WFE that revealed 53% of exchanges have suffered a cyber attack in the last year. Attacks have focused on non-trading related online services and websites and “have not come close to knocking out critical systems or trading platforms,” the report found.

Still, some 89% of respondents in the survey agreed that cyber crime in securities markets should be considered a “system risk.”

The Quantum Dawn 2 operation released in October took place over six hours and simulated multiple trading days. The exercise, which involved more than 50 entities and 500 people in the financial services sector, highlighted recent progress in the industry but also underscored lingering vulnerabilities.

http://www.foxbusiness.com/technology/2013/12/12/global-exchanges-unveil-security-alliance-against-hackers/

Advertisements

About Gregory D Evans

Gregory Evans is one of the worlds greatest security consultants. Go to http://GregoryDEvans.com for more details.
This entry was posted in Cell phone security, cyber, internet safety, Technology, wireless and tagged , , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s