The Covid-19 pandemic has transformed the way businesses operate. Within a few weeks of the onset of the pandemic in early 2020, corporations had to shift to a remote working model. This change was marked by rapid adoption of cloud technologies and a significant proportion of the workforce suddenly using personal devices to access their official documents. While this enabled business continuity, it also expanded the threat perimeter, making businesses more vulnerable to cyber-attacks.
The banking, financial services, and insurance (BFSI) sector is no exception. From February 2020 to April 2021, the BFSI sector experienced a 40-fold increase in cyber-attacks including phishing, malware and ransomware.1 In 2020, the average cost of a data breach for a global financial services firm was $5.85 million, significantly higher when compared to the average cost across all the sectors.2
Within BFSI, capital market firms are likely to witness a significant impact, given that they accounted for over one-fourth of all cyber-attacks targeting the BFSI sector from January 2020 to March 2021.3 Recent technology trends in capital markets are increasing the number of participants on the enterprise network, making it more vulnerable to cyber-attacks. The adoption of open architectures — which allow corporations to quickly add, upgrade, and swap system components with third-party companies — is also making it more difficult to align cybersecurity controls across the extended enterprise network. Similarly, commercial off-the-shelf products are often cost-effective and simplify installation but can create unknown cyber risks in the enterprise network.
Top cyber risks in the post-pandemic era
CIOs and CISOs can help minimize the impact of cyber-attacks by proactively checking the key sources of these attacks. Wipro’s recent report State of Cyber Security 2020 highlighted three top sources of cyber risks for BFSI firms in the post-pandemic era:
In addition, aligning regulatory requirements across multiple jurisdictions (for instance, GDPR and the California Consumer Privacy Act) also remains a challenge, increasing latency in cybersecurity processes supporting operational resilience.
Developing a consistent, functional capability model based on governance, people, process and technology helps alleviate these problems and presents an integrated view of cybersecurity from a compliance perspective. Making wise use of security and compliance data to establish clear linkage between threats and risks enables firms to make more strategic decisions.
Key assets and associated processes capital market firms need to secure
In the context of capital markets, cyber-attacks typically target certain assets across the value chain, as shown in Figure 1. CISOs need to pay special attention to ensure cyber resilience of these assets.
Figure 1: Key assets across capital markets value chain targeted by cyber-attacks.
Buy Side
Asset and wealth managers possess confidential client data including investment portfolio, funds committed, returns earned, etc. Hackers may spy on, breach, or manipulate this data by attacking the data warehouses managers use to store client data. Cyber-attackers may also target client devices to breach their login credentials and make spurious transactions. Similarly, hackers may attack asset managers’ proprietary investment strategies and trade books to disrupt operations. CISOs need to address these risks as they can lead to loss of investors’ trust and significant business loss.
Market Infrastructure
The pandemic sparked a surge in trading volumes across global exchanges as stock valuations dipped and recovered in a short span of time. This momentum is likely to continue given strong investor confidence. However, it may also attract intruders targeting order management, matching, and pricing engines of exchanges. An unmanaged attack may halt exchange operations until the issue is resolved. To prevent disruptions, CISOs must proactively address these risks. Similarly, clearing and settlement firms need to secure their data and algorithms because an attack on either may lead to fraud in the transfer of funds or securities. Lastly, financial data providers must secure the networks through which they disseminate trade data to their clients. Potential corruption of data networks can mislead clients and lead to significant loss of business.
Sell Side
Broker dealers and investment banks are home to vast volumes of confidential information associated with capital markets trading and M&A deals. These organizations need to secure their trading systems as any interference can lead to significant business loss. Similarly, they need to be cautious about the security of investment bankers’ mobile devices, which are often attacked to steal intelligence on highly sensitive rumored deals. For M&A deals in progress, data rooms contain confidential information of the target. These must be protected against cyber-attacks as a potential breach of information may lead to legal issues. Lastly, auctions are highly confidential processes. Investment banks must ensure the security of their buy-side clients’ bidding information and their sell-side clients’ auction data.
Roadmap to operational resilience through a reimagined approach to cyber security:
With the continued rise of remote working and open API-based services, the perimeter of the enterprise network is expanding beyond traditional boundaries. Against this backdrop, future enterprise networks will be forever evolving, growing increasingly complex — and leaders need to prepare for an all-new set of cyber-attacks.
Hackers are now targeting enterprise cognitive systems, aiming to extract and poison confidential data fed into machine learning (ML) models. Similarly, intruders are now attacking APIs to breach data feeds shared with third-party service partners.
To ensure operational resilience, capital market firms need to reimagine their traditional approach to cyber security. Figure 2 illustrates a framework for a holistic cybersecurity strategy with a focus on governance, people, process, and technology.
Figure 2: Framework to develop a holistic cyber security strategy.
Governance
A strong governance framework with clearly defined roles, responsibilities, and accountabilities for key stakeholders is the foundation of a robust cyber-security program.
People
In the post-pandemic era, ensuring operational resilience will not only be the responsibility of cybersecurity professionals but of the broader workforce as well. Below are key elements of a cybersecurity strategy from the People perspective:
Process
The following five-step, closed-loop approach allows capital market firms to effectively detect, prevent, and respond to increasingly complex cyber threats across the enterprise network:
Technology
Technology is key to operational resilience as it provides intelligent, automated tools that enable continuous detection and prevention of cyber-attacks.
In the post-pandemic era, robust cybersecurity systems will be critical to ensure operational resilience. Corporate boards need to make cybersecurity a strategic priority and a business imperative, and push for alignment among executive leadership, risk-management functions, SOCs, and the entire workforce running day-to-day business operations. CISOs will need to leverage the right technology architecture, tools, and platforms to ensure that business-critical assets are well protected against potential cyber-attacks across the enterprise network.
References:
Suzanne J. Dann
Senior Vice President, North America Capital Markets and Insurance, Wipro Limited
Suzanne is Vice President of North America Capital Markets and Insurance for Wipro Limited. In this role, she is responsible for managing growth and P&L throughout the sector.
Prior to Wipro, Suzanne worked with Avanade as General Manager of the Northeast region, and Diversity and Inclusion Lead, reporting to the CEO. In her 17 years with IBM, she held various leadership roles (VP of Sales for the Morgan Stanley Integrated Account Team, Business Development Executive for IBM Research) and worked with IBM Global Business Services leading technology strategy, process improvement, and platform development initiatives for leading financial services firms. She also served as Director of Technology for Fusient Media Ventures and spent the first part of her career at Ernst & Young Center for Technology Enablement, first as a consultant then later as a manager of financial services.
Suzanne has a degree in engineering from Cornell University and is a certified information systems security professional (CISSP).
Supported by:
Pradeep Agarwal (Senior Manager, Wipro Insights)
Agam Sehgal (Assistant Manager, Wipro Insights)