Industry working group reports on cyber threat to market infrastructure
22 September 2021
An industry working group has published a whitepaper on data protection and validation in the face of cyber threat to financial market infrastructure (FMI).
The working group, sponsored by the Committee on Payments and Market Infrastructures and International Organisation of Securities Commissions (CPMI-IOSCO) specialist group on cyber resilience, explores how FMI companies are protecting and utilising their data and provides recommendations that FMIs should consider to improve their cyber safety.
The project includes cyber-resilience specialists from The Depository Trust & Clearing Corporation (DTCC), Euroclear, the Federal Reserve Bank of New York, LCH, TMX Group and the Reserve Bank of Australia.
The working group finds that the recovery capabilities in many firms were constructed to protect against physical and non-cyber outages and, in some cases, these may not be effective in protecting against cyber threat.
Although many firms target a two-hour recovery time as a primary objective, data integrity factors often necessitate trade-offs between recovery speed and the accuracy of recovery.
Also, a high level of interconnectivity between firms reinforces the potential danger posed by a data integrity compromise.
Against this background, procedures for recovering from a data integrity breach require a high level of trust in the back-up data that is available, the paper concludes, as well as good coordination between firms within the IT ecosystem.
On the basis of the working group’s analysis, the paper recommends that firms should focus on three primary issues.
First, each FMI should identify tools that are most attainable from a design standpoint and concentrate on implementing those tools that provide most impact and coverage.
Second, firms should work with other firms to identify restoration strategies that make best sense for their businesses.
Third, they should analyse their legacy technology to target points of vulnerability and critical interdependency and to identify areas where they can improve resilience as technology advances.
The working group finds that when confronted by a cyber attack, traditional data replication strategies run the risk of spreading corrupted data to backup databases. To address this challenge, the working group has been working to identify tools to improve data recovery and validation.
The paper highlights the need for greater industry collaboration to drive this agenda, including a common focus on design principles for housing critical data sets in data bunkers and third-party sites. This includes developing standards for assessing and minimising third-party risks to the ecosystem and use of industry-wide cyber stress testing exercises overseen by an independent party.
Rachel Tyler, executive director, business resilience at DTCC and chair of the industry working group, says: “The operation of FMIs is based on the use and trust of data, and to perform effectively, FMIs must keep their transaction and position data, configuration data and application data protected and intact. Firms must consider how they can continue to improve data protection and validation capabilities to best defend and recover from cyber threats.”
Laure Molinier, director of business recovery crisis management and testing at Euroclear, adds: “As part of our business resilience programme, [our] goal is to continuously improve protection, detection, response and recovery procedures in relation to extreme scenarios such as major data integrity issues.
“As a trusted financial market infrastructure, we are expected to play a leading role in defining recovery protocols working together with the market in scenario analyses and joint-testing.”
Rob Cairns, chief technology officer at LCH, says: “Convening this working group is a significant step in ensuring and bolstering resilience among financial market infrastructure providers. The findings of the whitepaper demonstrate the need for greater collaboration and standardisation in approaching the protection of data. We look forward to continuing to contribute to discussion and action on this important issue.”