In a joint report BAE Systems and SWIFT examine the cyber threats landscape across financial markets and casts a light on the most at-risk areas.
The study looks at the different levels of susceptibility and threat faced by parts of the financial markets. It considers how market infrastructures and participants could be exploited by cyber criminals to penetrate organisations across the securities, trade finance, foreign exchange, and banking and payments market segments.
Interconnected markets create vulnerabilities
While the risks in banking and payments are well documented, this study reveals that the securities market is particularly vulnerable. This is due to the large number of participants and infrastructures, as well as the complex interactions involved. Weaknesses can be unknowingly introduced by traders, brokers, investors, other stakeholders – and the systems that all of these participants use. The study shows how the foreign exchange and trade finance markets are also at risk.
The report, entitled The Evolving Advanced Cyber Threat to Financial Markets, analyses the changing threat landscape and explores how the financial sector is exposed to a range of emerging cyber security challenges.
The fight against cyber threats is a joint effort
Among the main recommendations proposed are:
- Securities participants should embrace the value of checks, communication and data to support pre- and post-trade activities and stave off cyber threats.
- Securities market infrastructures need to collaborate with participants to identify risks in common practices to jointly defend market operations.
- Banking and payments participants must continue to strengthen security controls while building in protection for upstream systems.
- Trade finance participants are encouraged to review and manage areas of inherent trust, which are at risk of cyber exploitation.
Security needs to be embedded and coordinated across all levels and sectors of financial services organisations.
In an effort to help participants combat cyber fraud, SWIFT launched its Customer Security Programme (CSP) in 2016. This programme has helped its customers across the payments, securities, trade finance and foreign exchange sectors implement security controls identified as critical to defending against, detecting and recovering from cyber attacks.
But with cyber threats evolving and criminals increasingly looking for ways to steal large sums of money at speed, financial organisations are being urged to be more vigilant, and take further steps to address the vulnerabilities outlined in this report.
Acknowledging this changing landscape Brett Lancaster, Managing Director, Global Head of Customer Security at SWIFT said “As cyber criminals become ever more innovative and agile, we need to continue to work together to build even stronger defences.”
The Evolving Advanced Cyber Threat to Financial Markets report is available for financial services organisations to download now. Visit www.baesystems.com to download the report.