Continual Cybersecurity Risk Assessment Tailored for Electronic Trading Infrastructures
Cybersecurity is the biggest risk facing the financial system according to the SEC. Yet 82% of survey participants report a shortage of cybersecurity skills in their organizations according to a Center for Strategic and International Studies (CSIS). These are the signs that cybersecurity and continual risk assessment must evolve to fit into the high performance environments of electronic trading and financial markets.
With Corvil Cara, cybersecurity teams gain a virtual security expert that automates anomaly detection, streamlines threat detection and provides full visibility with zero-performance impact on the trading environment. Powered by machine learning algorithms and existing monitoring instrumentation, Corvil Cara automatically analyzes and learns from all machine activity monitored on the network. The norms of connected machines, applications, services and communications are baselined and used to detect deviations and anomalies.
The detected anomalies are automatically correlated with other threat detection analytics to pinpoint compromised hosts and expose suspect user behavior. Corvil Cara combines multiple detection methods to bubble up the most important issues, integrates with existing security tools and provide an overall risk assessment score, enabling the security team to:
"Hedge funds doing automated trading...have to be recognizing that hacktivists, espionage, or war-like actors may decide that targeting an automated trading venue or trader might be the way to further their objective even if their motivation isn’t to steal and that is something that the US financial infrastructure became very aware of in the last few years."
Consolidated risk assessment — based on Corvil threat detection analytics, machine learning, and threat intelligence sources — show security teams where to look and what to react to first, saving time and improving efficiency.
Algorithms automatically analyze terabytes of granular, indexed data collected daily without impacting trade performance to provide full visibility and cybersecurity context of electronic trading sessions, market data streams and non-trading traffic.
Minimize the manual effort of eliminating blind spots with broad visibility into anomalous events, user actions, machine communications, and threat intelligence matching with the ability to see the most granularity.
Business-oriented risk scores and streamlined reporting provide assurance that evasive activity or anomalies are not lurking within the trading environment.
Flexible security integration works intelligently with other tools and data sources and procedures within your ecosystem.
Streamline collaboration with business regulatory and other stakeholders by sharing analysis based on the same source of high quality data.
"The compromised integrity of financial markets is the sort of destabilization that nation-state threat actors, or those looking to shorten financial instruments on a large scale, live for."
David Monahan, Enterprise Management Associates, Inc.