Mondo Visione Worldwide Financial Markets Intelligence

FTSE Mondo Visione Exchanges Index:

CCData-468x60x2.jpg BT_Radianz_468x60_Jul23 FEAS 30th Anniversary Conference

From Our Man At The 31st Annual FIA Futures & Options Expo - Tom Groenfeldt: Cybersecurity Concerns Regulators And Traders

Date 06/11/2015

Cybersecurity should encompass prevention, preparation, training and recovery, cyber experts from financial firms and regulatory bodies said at the FIA Expo in Chicago.

The first move in securing data is to secure the perimeter, but security can’t stop there. Thomas Sexton, senior vice president of the National Futures Association (NFA) said the organization has its perimeter tested annually by an outside firm and it encrypts almost everything stored inside.

As the self-regulatory organization for the U.S. derivatives industry, The NFA drafted an enforce interpretive notice which was approved by the CFTC setting March 1, 2016 for member to adopt written policies and procedures to secure customer data and access to their electronic systems.

https://www.nfa.futures.org/news/newsNotice.asp?ArticleID=4649

Sexton said the NFA will expect large firms to develop a greater depth of program that would include IT; marketing, because it has access to customer data; legal and compliance. Once firms do risk analysis, the NFA proposes they look at protective measures such as updating software and having passwords.  Firms should have cyber security training for staff focused on external threats and social engineering. If firms have had security incidents, staff should be trained on those to prevent repetition.

Jamal Oulhadj, chief operating officer at R.J. O’Brien & Associates, said social engineering, where a fraudster tricks someone at a firm into providing access to systems or sending money, has become increasingly sophisticated.

For example, the firm might get an apparently authentic instruction to wire $50,000 from an account.

“We see more and more of these in very sophisticated ways that are almost impossible to detect if you don’t train your employees.”

Firms should have plans ready by March 1 and the NFA will conduct regular examinations of member firms, Sexton said.

“We realize over time these programs will have to be refined. The enforcement mechanism will be educational during the first few years.”

He said the most important factor in data is its integrity.

“Confidentiality is important, but the most severe challenge of all is integrity. If confidential data gets out, that is bad but the sky probably won’t fall for the whole financial system. If data is not available for awhile that is bad, but if integrity goes away, if you don’t know what your positions are, if you can’t trust your data, or data about counterparties or from exchanges — that might make the sky fall.”

MV 120 X 600 Hard to Reach BT_Radianz_120x600_Jul23.jpg FEAS_2025_MondioVisione_120x600-banner