Securities transactions are just as susceptible to cybercrime as payments, and proper use, and protection, of data is key to managing that risk, Sibos attendees have heard.
Speaking on the panel, Yves Poullet, CTO of Euroclear, noted that fraud occurs on the securities side of things, and suggested that, with further digitalisation, this is likely to increase.
He added that securities use payments as well, and that the handling of securities through bonds, deliverance, tax payments, and so on, “all offer opportunities to commit fraud”.
Equally, it is important to consider data activity, and to ensure that data remains available, he said. Confidentiality, integrity and availability are “absolutely paramount in our business”.
Roy Thetford of EY added that there is an opportunity here in “data fusion”. There may be established processes in a business that could help in protection against cybercrime—fraud or otherwise—and “the merging of some of these disciplines is a big opportunity”.
Representing Microsoft on the panel, Rupesh Khendry stressed: “Trust is paramount when you’re operating in a cloud environment.”
While there has been a focus on cybersecurity in the payments space, the digitisation of securities means “a single event can lead to a huge reputational risk”.
He advised attendees to start from a point of assuming a breach, working on a response to an event, rather than on a strategic approach to the threat, thereby creating the capability to intercept more sophisticated threats, before they become widespread. This is not a question of technology, he said, but of data, and how any available data can be harnessed.
Thetford added to this, saying that part of the challenge here is in the sheer volume of data, and in establishing what of that has value.
Institutions must work to identify and manage the critical systems within their infrastructure and make sure they’re “appropriately protected”, he said, adding that organisations now tend to be “very concerned about that”.