The ultimate way to move beyond trading latency?

Posted on : 29-03-2019 | By : richard.gale | In : Finance, Uncategorized

Tags: , , , , , , ,

0

A number of power surges and outages have been experienced in the East Grinstead area of the UK in recent months. Utility companies involved have traced the cause to one of three  high capacity feeds to a Global Investment bank’s data centre facility.

The profits created by the same bank’s London based Propriety Trading group has increased tenfold in the same time.

This bank employs 1% of the world’s best post-doctoral theoretical Physics graduates  to help build its black box trading systems

Could there be a connection? Wild & unconfirmed rumours have been circulating within  the firm that a major breakthrough in removing the problem of latency – the physical limitation the time it takes a signal to transfer down a wire – ultimately governed by of the speed of light.

For years traders have been trying to reduce execution latency to provide competitive advantage in a highly competitive fast moving environment. The focus has moved from seconds to milli and now microsecond savings.

Many Financial Services & technology organisations have attempted to solve this problem through reducing  data hopping, routing, and going as far as placing their hardware physically close to the source of data (such as in an Exchange’s data centre) to minimise latency but no one has solved the issue – yet.

It sounds like this bank may have gone one step further. It is known that at the boundary of the speed of light – physics as we know it -changes (Quantum mechanics is an example where the time/space continuum becomes ‘fuzzy’). Conventional physics states that travelling faster than the speed of light and see into the future would require infinite energy and so is not possible.

Investigation with a number of insiders at the firm has resulted in an amazing and almost unbelievable insight. They have managed to build a device which ‘hovers’ over the present and immediate future – little detail is known about it but it is understood to be based on the previously unproven ‘Alcubierre drive’ principle. This allows the trading system to predict (in reality observe) the next direction in the market providing invaluable trading advantage.

The product is still in test mode as the effects of trading ahead of the data they have already traded against is producing outages in the system as it then tries to correct the error in the future data which again changes the data ad finitum… The prediction model only allows a small glimpse into the immediate future which also limits the window of opportunity for trading.

The power requirements for the equipment are so large that they have had to been moved to the data centre environment where consumption can be more easily hidden (or not as the power outages showed).

If the bank does really crack this problem then they will have the ultimate trading advantage – the ability to see into the future and trade with ‘inside’ knowledge legally. Unless another bank is doing similar in the ‘trading arms race’ then the bank will quickly become dominant and the other banks may go out of business.

The US Congress have apparently discovered some details of this mechanism and are requesting the bank to disclose details of the project. The bank is understandably reluctant to do this as it has spent over $80m developing this and wants to make some return on its investment.

If this system goes into true production mode surely it cannot be long before Financial Regulators outlaw the tool as it will both distort and ultimately destroy the markets.

Of course the project has a codename…. Project Tachyons

No one from the company was available to comment on the accuracy of the claims.

Do you believe that your legacy systems are preventing digital transformation?

Posted on : 14-03-2019 | By : richard.gale | In : Data, Finance, FinTech, Innovation, Uncategorized

Tags: , , , , , , , ,

0

According to the results of our recent Broadgate Futures Survey more than half of our clients agreed that digital transformation within their organisation was being hampered by legacy systems. Indeed, no one “strongly disagreed” confirming the extent of the problem.

Many comments suggested that this was not simply a case of budget constraints, but the sheer size, scale and complexity of the transition had deterred organisations in fear of the fact that they were not adequately equipped to deliver successful change.

Legacy systems have a heritage going back many years to the days of the mega mainframes of the 70’s and 80’s. This was a time when banks were the masters of technological innovation. We saw the birth of ATMs, BACS and international card payments. It was an exciting time of intense modernisation. Many of the core systems that run the finance sector today are the same ones that were built back then. The only problem is that, although these systems were built to last they were not built for change.

The new millennium experienced another significant development with the introduction of the internet, an opportunity the banks could have seized and considered developing new, simpler, more versatile systems. However, instead they decided to adopt a different strategy and modify their existing systems, in their eyes there was no need to reinvent the wheel. They made additions and modifications as and when required. As a result, most financial organisations have evolved over the decades into organisations of complex networks, a myriad of applications and an overloaded IT infrastructure.

The Bank of England itself has recently been severely reprimanded by a Commons Select Committee review who found the Bank to be drowning in out of date processes in dire need of modernisation. Its legacy systems are overly complicated and inefficient, following a merger with the PRA in 2014 their IT estate comprises of duplicated systems and extensive data overload.

Budget, as stated earlier is not the only factor in preventing digital transformation, although there is no doubt that these projects are expensive and extremely time consuming. The complexity of the task and the fear of failure is another reason why companies hold on to their legacy systems. Better the devil you know! Think back to the TSB outage (there were a few…), systems were down for hours and customers were unable to access their accounts following a system upgrade. The incident ultimately led to huge fines from the Financial Conduct Authority and the resignation of the Chief Executive.

For most organisations abandoning their legacy systems is simply not an option so they need to find ways to update in order to facilitate the connection to digital platforms and plug into new technologies.

Many of our clients believe that it is not the legacy system themselves which are the barrier, but it is the inability to access the vast amount of data which is stored in its infrastructure.  It is the data that is the key to the digital transformation, so accessing it is a crucial piece of the puzzle.

“It’s more about legacy architecture and lack of active management of data than specifically systems”

By finding a way to unlock the data inside these out of date systems, banks can decentralise their data making it available to the new digital world.

With the creation of such advancements as the cloud and API’s, it is possible to sit an agility layer between the existing legacy systems and newly adopted applications. HSBC has successfully adopted this approach and used an API strategy to expand its digital and mobile services without needing to replace its legacy systems.

Legacy systems are no longer the barrier to digital innovation that they once were. With some creative thinking and the adoption of new technologies legacy can continue to be part of your IT infrastructure in 2019!

https://www.finextra.com/newsarticle/33529/bank-of-england-slammed-over-outdated-it-and-culture

Battle of the Chiefs

Posted on : 25-01-2018 | By : Tom Loxley | In : Predictions, Uncategorized

Tags: , , , , , ,

0

2018 Prediction – Deep Dive

Chief Information Officer 1 – Chief Digital Officer 0

Digital transformation is undeniably the main driving force for change in businesses today. We have seen the financial sector being completely transformed by new technologies that offer the ability to engage customers in very different ways, driving more profits. Originating in the marketing department, digitally morphed into E-commerce where it gained more budget and more power. This led to the establishment of a new executive role of the Chief Digital Information Officer (CDiO). The more traditional role of the Chief Information Officer (CIO) faded in many organisations as CIO’s concentrated on their legacy systems, often accused of being slow to change in this new fast-paced environment. The CDiO rose as the star of the transformation show moving at lightening digital speed, propelling the competitive advantage and adding value to the business.  The two Chiefs have been working alongside each other uncomfortably over the past few years, neither understanding the boundaries between them. Not for much longer ….

We are starting to see some CDiOs come adrift as the main power point, with the promised world of digital failing to emerge. They too are being slowed down and unseated by the weight of legacy systems and legacy ideas in many organisations. Business leaders are getting impatient with the time to deliver ‘revolutionary’ change. Is it that these changes take time or is there a hint of the ‘Emperor’s new Code’ about this?

Broadgate believes that 2018 will see the resurgence of the CIO as the leading force. The digital buzzword is fading as digital is increasingly seen as a core part of any business strategy, intrinsic to the organisation. The development of the CDiO was a good short-term fix to turbo charge the digital roadmap, taking some of the weight off the CIO shoulders and enabling change. It could be said that the CDiO role developed as a result of an early division of labour between old and the new as digital models emerged. However, recently we have seen a considerable shift across all major sectors with four trends leading the charge for change: cloud, mobility, IoT and big data. It is this technological innovation that has enabled the role of the CIO rise once more.

This is the big moment for the CIO essentially becoming the hero of the digital age, not only embracing the new but also connecting the old with the new and really enabling organizations to move forward. That said, we must not underestimate the scale of the challenge CIO’s face, there is a level of complexity in this new age of digital transformation that isn’t going away. Compounding this issue, business processes are often overlooked when technology is being rapidly applied. In many cases the CIO needs to reach out to their business counterpart in the area where technology is going to be deployed to ensure not only that there is complete connection but also that, working together, they understand how the business will function in that new environment and how orchestrating business technology will produce and deliver a strong result. CIOs must now take ownership of both to ensure they are not locked out of future technology decisions. The CIO who can keep up with the pace of new technology adoption can stay ahead of potential CDiOs encroaching on their territory.

Could You Boost Your Cybersecurity With Blockchain?

Posted on : 28-11-2017 | By : Tom Loxley | In : Blockchain, Cloud, compliance, Cyber Security, Data, data security, DLT, GDPR, Innovation

Tags: , , , , , , , , , , , , , , ,

0

Securing your data, the smart way

 

The implications of Blockchain technology are being felt across many industries, in fact, the disruptive effect it’s having on Financial Services is changing the fundamental ways we bank and trade. Its presence is also impacting Defense, Business Services, Logistics, Retail, you name it the applications are endless, although not all blockchain applications are practical or worth pursuing. Like all things which have genuine potential and value, they are accompanied by the buzz words, trends and fads that also undermine them as many try to jump on the bandwagon and cash in on the hype.

However, one area where tangible progress is being made and where blockchain technology can add real value is in the domain of cybersecurity and in particular data security.

Your personal information and data are valuable and therefore worth stealing and worth protecting and many criminals are working hard to exploit this. In the late 90’s the data collection began to ramp up with the popularity of the internet and now the hoarding of our personal, and professional data has reached fever pitch. We live in the age of information and information is power. It directly translates to value in the digital world.

However, some organisations both public sector and private sector alike have dealt with our information in such a flippant and negligent way that they don’t even know what they hold, how much they have, where or how they have it stored.

Lists of our information are emailed to multiple people on spreadsheets, downloaded and saved on to desktops, copied, chopped, pasted, formatted into different document types and then uploaded on to cloud storage systems then duplicated in CRM’s (customer relationship management systems) and so on…are you lost yet? Well so is your information.

This negligence doesn’t happen with any malice or negative intent but simply through a lack awareness and a lack process or procedure around data governance (or a failure to implement what process and procedure do exist).

Human nature dictates we take the easiest route, combine this with deadlines needing to be met and a reluctance to delete anything in case we may need it later at some point and we end up with information being continually copied and replicated and stored in every nook and cranny of hard drives, networks and clouds until we don’t know what is where anymore. As is this wasn’t bad enough this makes it nearly impossible to secure this information.

In fact, for most, it’s just easier to buy more space in your cloud or buy a bigger hard drive than it is to maintain a clean, data-efficient network.

Big budgets aren’t the key to securing data either. Equifax is still hurting from an immense cybersecurity breach earlier this year. During the breach, cybercriminals accessed the personal data of approximately 143 million U.S. Equifax consumers. Equifax isn’t the only one, if I were able to list all the serious data breaches over the last year or two you’d end up both scarred by and bored with the sheer amount. The sheer scale of numbers here makes this hard to comprehend, the amounts of money criminals have ransomed out of companies and individuals, the amount of data stolen, or even the numbers of companies who’ve been breached, the numbers are huge and growing.

So it’s no surprise that anything in the tech world that can vastly aid cybersecurity and in particular securing information is going to be in pretty high demand.

Enter blockchain technology

 

The beauty of a blockchain is that it kills two birds with one stone, controlled security and order.

Blockchains provide immense benefits when it comes to securing our data (the blockchain technology that underpins the cryptocurrency Bitcoin has never been breached since its inception over 8 years ago).

Blockchains store their data on an immutable record, that means once the data is stored where it’s not going anywhere. Each block (or piece of information) is cryptographically chained to the next block in a chronological order. Multiple copies of the blockchain are distributed across a number of computers (or nodes) if an attempted change is made anywhere on the blockchain all the nodes become are aware of it.

For a new block of data to be added, there must be a consensus amongst the other nodes (on a private blockchain the number of nodes is up to you). This means that once information is stored on the blockchain, in order to change or steel it you would have to reverse engineer near unbreakable cryptography (perhaps hundreds of times depending on how many other blocks of information were stored after it), then do that on every other node that holds a copy of the blockchain.

That means that when you store information on a blockchain it is all transparently monitored and recorded. Another benefit to using blockchains for data security is that because private blockchains are permissioned, therefore accountability and responsibly are enforced by definition and in my experience when people become accountable for what they do they tend to care a lot more about how they do it.

One company that has taken the initiative in this space is Gospel Technology. Gospel Technology has taken the security of data a step further than simply storing information on a blockchain, they have added another clever layer of security that further enables the safe transfer of information to those who do not have access to the blockchain. This makes it perfect for dealing with third parties or those within organisations who don’t hold permissioned access to the blockchain but need certain files.

One of the issues with blockchains is the user interface. It’s not always pretty or intuitive but Gospel has also taken care of this with a simple and elegant platform that makes data security easy for the end user.  The company describes their product Gospel® as an enterprise-grade security platform, underpinned by blockchain, that enables data to be accessed and tracked with absolute trust and security.

The applications for Gospel are many and it seems that in the current environment this kind of solution is a growing requirement for organisations across many industries, especially with the new regulatory implications of GDPR coming to the fore and the financial penalties for breaching it.

From our point of view as a consultancy in the Cyber Security space, we see the genuine concern and need for clarity, understanding and assurance for our clients and the organisations that we speak to on a daily basis. The realisation that data and cyber security is now something that can’t be taken lighted has begun to hit home. The issue for most businesses is that there are so many solutions out there it’s hard to know what to choose and so many threats, that trying to stay on top of it without a dedicated staff is nearly impossible. However, the good news is that there are good quality solutions out there and with a little effort and guidance and a considered approach to your organisation’s security you can turn back the tide on data security and protect your organisation well.

Cloud computing. Where does the responsibility for security lie?

Posted on : 31-10-2016 | By : michael.wells | In : Uncategorized

Tags: , , , , ,

1

It is rare for a firm these days, NOT to have a cloud strategy. Whether it be software as a service, a platform or infrastructure. Our clients’ views have changed radically over the last few years from a ‘no cloud’ to fully embracing on-demand computing services. One of the main previous challenges was that organisations did not feel their data was secure in the ‘cloud’, it was outside their control and so felt the likelihood of loss/breaches were heightened. Now a comment we often hear is ‘these guys can do security better than us’ they are Google with a security team of thousands!

Are companies becoming too complacent? Yes – Microsoft does have a great security model, It protects the datacentres, infrastructure and platforms extremely well. But… it does not protect your data. This is still your responsibility and we are identifying a gap between responsibilities of the cloud provider and the client.

One of the biggest cyber security risks facing business today is the loss of data and cloud services face similar challenges. A cloud environment is subject to the same risks as the traditional corporate network. In fact, cloud providers are more attractive targets for the hackers due to the vast volumes of data they hold in a sometimes all too easily accessible environment. Cloud providers do, of course, claim to offer a secure environment, and a high level of security for the aspects of the cloud service they take responsibility for. It is the customer’s responsibility to ensure that their data is protected. Business often assumes that by outsourcing their data to a third-party cloud service provider that the security has been covered, but business should never assume this to be the case.  Every business must accept that they are ultimately responsible for their date where ever it is stored.

AWS has been quoted as saying “we are not the owners or custodians of the data; we just supply the resources. We don’t control how customer data is protected, customers do”

The bottom line for any enterprise looking to move to a cloud technology model is that they must undertake extensive due diligence to understand the risks they are facing by adopting this model and how the engagement of a third-party supplier to provide this service will exacerbate the risk.  In simple terms storing data in the cloud is the same as storing your data on someone else’s computer.

So, what are the biggest threats facing cloud service users?

User Error: Cloud applications are excellent for file sharing amongst multiple users. Research shows that 23% of files in cloud apps are broadly shared and 12% of those contain sensitive information. Without adequate security controls in place which track with whom, how and when a file and content are shared users are unable to track where their data is travelling and to whom.  This makes it easier for data to be lost by accident or for hackers to intercept without being noticed.

Hackers Attack: Hackers force attacks and use malware to break into cloud application accounts. In the first 6 months of 2016, 37% of abnormal cloud application activity indicated attempts to take over cloud accounts and 63% of abnormal cloud activity indicated attempts to steal data.

There are steps business can take to increase the security of their data in the cloud:

  • Encryption and key management- Data should be encrypted when it travels back and forth over the internet and when it is hosted in the cloud provider’s environment.
  • Identity and Access Management – Cloud providers are user innovative multi factor authentication technology.
  • Monitoring and reporting – What access controls have been set on your cloud environment. Do these breach internal controls? E.G. has someone ‘shared to public’ a Office365 SharePoint directory so exposing confidential data to the world?

Security firms are waking up to the gap in responsibilities. For example, PaloAlto now utilises tools to analyse your O365 environment for security discrepancies allowing a higher degree of monitoring and control.

As cloud computing becomes more popular, it will become the target of more malicious attacks. No single environment is safe and every infrastructure must be controlled with set policies in place.

 

 

There’s no such thing as free Wi-fi…

Posted on : 28-06-2016 | By : richard.gale | In : Cyber Security, Uncategorized

Tags: , , , , , , , ,

0

Every day thousands of business travellers arrive at their destination searching for the “free Wi-Fi” sign so that they can stay in touch. What most people don’t realise is this creates an excellent opportunity for the cyber criminals to get their hands on your personal information and sensitive corporate data. We are all familiar with some high profile hacks – Sony and Talk Talk to name just a few but there isn’t a week that goes by without another hitting the headlines.  It is all too easy to see cyber security as problem only for large corporates and not something that we mere mortals have to deal with.  An expression very familiar to most cyber security experts is; “why would anyone be interested in me or my information…”

If you have a device with information stored on it, and/or you send information over the internet this is exactly what the cyber criminals are looking for! 

Remember the phrase “one man’s trash is another man’s treasure”!

Why Do Cyber Criminals Want Your Information

So why are cyber criminals so keen to get their hands on your information?  They want your personal details, your clients or suppliers’ details, your trade secrets, or simply a list of email addresses. All of these details are highly valuable when traded on the dark web. The value of a laptop maybe $600 but if you have confidential merger plans on the disk then the PC could be worth millions of dollars to a criminal or business rival.

Even if you think you don’t have any of this information you may still be of interest.

You may be a target as the weakest link and the way in to a more valuable target further up the supply chain.

How Do They do It?

One of the most common way for hackers to steal your data is to use software to intercept the Wi-Fi network at which point they can see everything on a fellow free Wi-Fi user’s screen. They can then see all the traffic travelling to and from to extract important information.

Another popular method used by hackers is to set up rogue Wi-Fi hotspots in areas where large numbers of users are likely to be searching for a connection. These hotspots can use generic names like “free Wi-Fi” to cause trusting users to connect, at which point their personal information can be collected.

The easiest way for thieves get their hands on your data is get the device itself. Home Depot and Pfizer suffered from huge data compromise due to laptops holding confidential information that had been stolen from laptops left in the back of a taxi. A recent study found that nearly half of all executives have lost a device in the past year!  It is estimated that over 2 million laptops are lost or stolen in the US each year.

It’s nearly impossible to secure against an opportunistic thief or simple forgetfulness, so it’s important to take precautionary steps..

 

 

What Steps Can You Take to Protect Your Devices And Your Information

There are a number of steps that you can take to protect your information when you travel.

Before You Go

Back Up

Save all the information on the devices that you are required to take on your trip.

Do You Need The Device/Data for the Trip

Think about the device you are taking and what information is on that device. Ask yourself are you travelling with data that you cannot afford to lose?

Be suspicious of emails you receive

Before you travel especially if they are linked to large international events.

Do not post your travel plans on any social networking site.

Many of the CEO email scams where scammers impersonate the CEO email to defraud the company happen while the executives are out of the country.

 

Whilst Travelling

Protect Your Device

Never pack it in the hold, or leave it on a hotel table while you grab a coffee.  If you do need to leave it behind then lock it away in the hotel safe. Always pin code/ password your device. Last year a report found that 50 per cent of executives had lost their device.

Install Anti-Virus Software

There are a number of mobile device security software solutions available. Install on all your devices for added protection.

Disable Bluetooth Access

When you allow access to a device via Bluetooth connection, once connected this connection stays open and data can flow freely with very little or no user confirmation. How often have you connected your phone to the Bluetooth in a hire care, when you connect your phone you can see details of the previous which if still in range would enable access to their data.

Don’t Use Public Wi-Fi

Public Wi-Fi networks are available everywhere these days. The traveller should use with extreme caution as they are often poorly protected and easily imitated by cyber criminals who set up their own “hotel” networks. The names of Wi-Fi networks are manually created so anyone can set up using any network name. Criminals might set up a network called “official hotel Wi-Fi”.  Once you click and connect to the scammers rogue network they have their hands on all of your data. Always verify with the hotel, café, airport lounge etc. that you are connecting to the official network and check that it has the padlock sign in the top bar. If possible avoid using any public network.

Don’t Use Shared Computers

Often hotel lobby’s will have some shared computers with internet access.  You have no idea how safe the network is so again avoid using wherever possible.

Don’t Do Any Financial/Sensitive Transactions

Take extra precautions whilst connecting to Wi-Fi. Do not send any financial information or business critical information whilst abroad and save it until you are back in the office safely within your secure network.

 

When You Return

Change all your password in case they have been stolen.

Look out for any suspicious emails

When The Unthinkable happens – What to Do If Your Data Is Lost Whilst Travelling

Assess – What has happened, what is the potential impact?

If your laptop has been stolen with company data on then; if it was password protected, encrypted and you have the ability to track and remote ‘wipe’ the disk then you are probably in a reasonable position. The cost will be a new laptop not a new career.

Conversely if you had sent your corporate takeover plans to Dropbox, uploaded them onto your personal un-protected iPad and lost that then the significance of loss is much higher.

Inform – Relevant people about what has happened.

Depending on what has been lost this could be your IT department, management, bank, customers, suppliers, partners, police, insurance firm and potentially shareholders.

Forward looking firms have a policy explaining what to do in this situation with contact and help points. The main point is to make sure relevant people are aware and so can help make the right decisions to minimize the consequences of loss.

Remediate – Resolve the problem as quickly and effectively as possible

Change your passwords immediately. This may help prevent criminals accessing your emails and sensitive information.

Disable the lost device if possible and wipe data from it. Track it and keep law enforcement and your IT department informed.

If you think banking/financial information may be compromised then inform your bank and accounts department.

Monitor activity. It may be useful to explain to customers/suppliers what has happened so they can monitor too. An all too common fraud is to imitate a CFO and give customers new bank account details to send their payments to.

Replace compromised, lost equipment

Review policies and ensure they are communicated and enforced

 

Losing information whilst travelling be very worrying, the main thing is not to panic. Having a clear understanding of how to protect yourself helps significantly to reduce this and the likelihood of loss in the first place.

 

Raising Awareness

The most important tool in the battle against the cyber criminals is awareness. Training is crucial in helping people to understand what the issues are, what is at stake and the simple steps they can take to drastically reduce the risk.

Develop a cyber security culture that becomes a part of everyday corporate life whether in the office or on the road.

The Ultimate Way to Move Beyond Trading Latency?

Posted on : 30-03-2016 | By : richard.gale | In : Finance, Innovation

Tags: , , ,

0

A number of power surges and outages have been experienced in the East Grinstead area of the UK in recent months. Utility companies involved have traced the cause to one of three  high capacity feeds to a Global Investment bank’s data centre facility.

The profits created by the same bank’s London based Propriety Trading group has increased tenfold in the same time.

This bank employs 1% of the world’s best post-doctoral theoretical Physics graduates  to help build its black box trading systems.

Could there be a connection? Wild & unconfirmed rumours have been circulating within  the firm that a major breakthrough in removing the problem of latency – the physical limitation the time it takes a signal to transfer down a wire – ultimately governed by of the speed of light.

For years traders have been trying to reduce execution latency to provide competitive advantage in a highly competitive fast moving environment. The focus has moved from seconds to milli and now microsecond savings.

Many Financial Services & technology organisations have attempted to solve this problem through reducing  data hopping, routing, and going as far as placing their hardware physically close to the source of data (such as in an Exchange’s data centre) to minimise latency but no one has solved the issue – yet.

It sounds like this bank may have gone one step further. It is known that at the boundary of the speed of light – physics as we know it -changes (Quantum mechanics is an example where the time/space continuum becomes ‘fuzzy’). Conventional physics states that travelling faster than the speed of light and see into the future would require infinite energy and so is not possible.

Investigation with a number of insiders at the firm has resulted in an amazing and almost unbelievable insight. They have managed to build a device which ‘hovers’ over the present and immediate future – little detail is known about it but it is understood to be based on the previously unproven ‘Alcubierre drive’ principle. This allows the trading system to predict (in reality observe) the next direction in the market providing invaluable trading advantage.

The product is still in test mode as the effects of trading ahead of the data they have already traded against is producing outages in the system as it then tries to correct the error in the future data which again changes the data ad finitum… The prediction model only allows a small glimpse into the immediate future which also limits the window of opportunity for trading.

The power requirements for the equipment are so large that they have had to been moved to the data centre environment where consumption can be more easily hidden (or not as the power outages showed).

If the bank does really crack this problem then they will have the ultimate trading advantage – the ability to see into the future and trade with ‘inside’ knowledge legally. Unless another bank is doing similar in the ‘trading arms race’ then the bank will quickly become dominant and the other banks may go out of business.

The US Congress have apparently discovered some details of this mechanism and are requesting the bank to disclose details of the project. The bank is understandably reluctant to do this as it has spent over $80m developing this and wants to make some return on its investment.

If this system goes into true production mode surely it cannot be long before Financial Regulators outlaw the tool as it will both distort and ultimately destroy the markets.

The project even has a code-name…. Project “Prima Aprilis”

No one from the company was available to comment on the accuracy of the claims.

5 Minutes With Mark Prior

Posted on : 18-12-2015 | By : Maria Motyka | In : 5 Minutes With

Tags: , , , , , , , , , , , , , , ,

0

Which recent tech innovations are you the most excited about?

I get most excited about how my business can benefit from technology (whether it’s new or not). It’s my team’s job to understand our business; its processes, strategy and competitor landscape and bring technology to bear to address those challenges.
Smith and Williamson is a very client centric business – there is a great opportunity to leverage even well-established technology like IPT, Workflow and Document management to improve the service we provide to clients. Additionally Cloud based collaboration tools offer new ways to engage with our clients 1-1 and perhaps open up new markets for services.

Like all industries if we can both improve the service to the client through technology and at the same time lower the cost of servicing a client we will be successful.

From a pure technology perspective I’m looking forward to improvements in price and functionality of end user devices – particularly low cost 2in1 windows devices displacing the desktop or traditional clam laptop as the default end user device. I hope the combination of these devices, windows 10, office 365, Wi-Fi and IPT will provide a better mobile platform that’s easier to manage and support and offers a seamless user experience regardless of location and connection type.

Looking ahead I’m also interested in how graphene will impact IT – whether it’s in battery technology or the size and speed of microprocessors, it appears to have the potential to be revolutionary (and it was invented in the UK!!).

 

How do you see business applications in wealth management adopting As-a-Service operating models?

Firms buy solutions that best meet their needs – how those solutions are delivered is often secondary, however vendors that deliver their solution (only) as a service are I feel better placed to rapidly adapt and evolve their offering as it’s a single code set, single port etc. This should keep their costs down and by passing those savings to customers they will drive adoption and create a virtuous circle. It should also mean they can focus development resource on new features rather than maintaining multiple code sets and branches.

 

In your opinion, what are the biggest data security risks that financial organisations are currently facing and how can they be overcome?

I think everyone understands the need for perimeter security, good patch management, access controls etc. But I think an area this is sometimes overlooked are “end users” either inadvertently or deliberately exposing data. We need to ensure we classify our data based on risk, educate our employees and have appropriate audit trails and controls based on data classification (all easier said than done). Service like MS Office 365 and OneDrive mean this has to be driven as much by policy and education as by IT.

 

Why did you choose Broadgate to assist you? What value has working with Broadgate brought to your team?

I’ve known the team for many years and trust them to do a good job for their clients.

Broadgate’s engagement style is collaborative and consultative, unlike other firms where every conversation is viewed as a selling opportunity.

 

Which technology trends do you predict will be a key theme for 2016?

Every year we think it will be cloud – maybe this year it will happen (though personally I’m not sure it will) Financial service firms are still hesitant to put client data into the public cloud and many firms say the cost of cloud is more than the marginal cost of adding capacity to their own facilitates.
Hosting strategies are difficult to formulate as the options are many and varied with no clear leaders. I think Google will drive into MS market share (a few years ago I can’t recall anyone seriously considering alternatives to MS Office) which should ensure healthy competition and better options for their customers.

The Blockchain Revolution

Posted on : 28-08-2015 | By : richard.gale | In : Cyber Security

Tags: , , , , , , , , , , ,

3

We’ve been excited by the potential of blockchain and in particular bitcoin technology and possibilities for a while now (Bitcoins: When will they crash?  More on Bitcoins..  Is someone mining on my machine? ). We even predicted that bitcoins would start to go mainstream in our 2015 predictions . We may be a little ahead of ourselves there but the possibilities of the blockchain, the underpinning technology of crypto currencies is starting to gather momentum in the financial services world.

Blockchain technology contains the following elements which are essential to any financial transaction

  1. Security – Blockchain data is secure as each part of the chain is linked with the other and many copies of that data are stored among the many thousands of ‘miners’ in an encrypted (currently unhackable) format. Even if a proportion of these miners were corrupt with criminal intent the voting of the majority will ensure integrity
  2. Full auditability – Every block in the chain has current and historic information relating to that transaction, the chain itself has everything that ever happened to it. The data is stored in multiple places and so there is a very high degree of assurance that the account is full and correct
  3. Transparency – All information is available in a consistent way to anyone with a valid interest in the data
  4. Portability – The information can be available anywhere in the world, apart from certain governments’ legislation there are few or no barriers to trade using blockchain technology
  5. Availability – There are  many copies of each blockchain available in virtually every part of the world blockchains should then always be available for use

The blockchain technology platform is flexible enough to incorporate additional functions and process without compromising it’s underlying strengths.

All major banks and a number of innovative startups are looking at ways blockchain can change the way transactions are executed. There are significant opportunities for both scale and efficiency using this technology. Areas being researched include;

  • Financial trading and settlement. Fully auditable, automated chain of events with automated payments, reporting and completion globally and instantly
  • Retail transactions. End to end transactions delivered automatically without the opportunity of loss or fraud
  • Logistics and distribution. Automatically attached to physical and virtual goods with certified load information enabling swift transit across nations
  • Personal data. Passports, medical records and government related information can be stored encrypted but available and trusted
There are still some significant challenges with blockchain technology;
  1. Transactional throughput – limited by banking standards (10’s of transactions per second at present rather than 10,000’s)
  2. Fear and lack of understanding of the technology – this is slowing down thinking and adoption
  3. Lack of skills to design and build – scarce resources in this space and most are snapped up by start-ups
  4. Complexity and lack of transparency – Even though the technology itself is transparent the leap from the decades old processes used in banks back offices for example to a blockchain programme can be a large one. In the case of time critical trading or personal information then security concerns on who can view data come to the fore.
  5. Will there be something else that replaces it – will the potentially large investment in the technology be wasted by the ‘next big thing’?

We think blockchain could have a big future. Some people are even saying it will revolutionize government, cutting spending by huge amounts. If blockchain transactions were used to buy things then sales tax and various amounts to retailers, wholesalers, manufacturers could be paid immediately and automatically. The sales person could have the blockchain credit straightaway too.

Blockchains could remove huge levels of inefficiency and potential for fraud. It could also put a significant number of jobs at risk reflected in John Vincent’s article on the future of employment.

Is your small business the next target for hackers?

Posted on : 28-08-2015 | By : kerry.housley | In : Cyber Security

Tags: , , , , , , , , ,

0

Cyber attacks make great headlines but behind the headlines are the real stories affecting real business.  The fact is that smaller medium sized companies are increasingly more likely to be targeted than their larger counterparts.  SMEs are now considered the biggest target in the cyber threat landscape.

There are many reasons for this, smaller companies don’t think that that they have anything of interest to hackers “why would anybody want to attack us we don’t have anything to steal”. They couldn’t be more wrong,  even if they don’t have any information which is of interest in its own right they may well provide a way into a larger organisation in their supply chain.

Some worrying statistics are emerging which show hackers are specifically targeting smaller companies as they do not have the budget for people or technology to protect themselves. Key risks for smaller firms are:

  • Lack of security policies and controls
  • Low levels of knowledge of potential threats and methods to combat
  • Small or no budget allocated to cyber protection
  • Outdated technology and update procedures
  • ‘Ostrich’ approach to risk assuming it will happen to someone else

The impact of a cyber attack on an SME can be disproportionate to its size. Larger companies can absorb relatively large losses well and can call on external help to resolve  – Sony’s breach in the end was estimated at £35m which had negligible impact on a multi-billion dollar organisation. For smaller firms, any loss (whether cyber or other fraud) can put them out of business if it impacts cash-flow and could result in the loss of major clients if they are part of a larger firms supply chain.

It is crucial to understand that information assets are more valuable than you might think.  Although larger enterprises now appear to be taking steps to protect their organisations many do not look to their partners and vendors so they too are guilty of not understanding the effect on the supply chain.  There is no point in pulling out all the stops internally to protect information assets if the companies that you do business with are not doing the same.

Many commentators have described SME’s as the Achilles heel in the business world which will result in devastating financial consequence if they do not take appropriate action to protect their information assets.  The UK Government Information Security Breaches Survey 2015 found that 74% of SMEs had reported that they had suffered an information security breach. They also found that severe attacks can now cost up to £300k+ for a smaller business.  This would put many smaller companies out of business as they couldn’t afford to take a hit this big.

In response to this threat the UK government have launched a number of initiatives designed to help SME’s to understand the cyber security issues that they face. 2014 saw the launch of the Cyber Essentials Scheme which is designed to be a much simpler way for business to take steps to limit their risk of a breach.  Most recently in July a voucher scheme has been set up which will enable SME’s to apply for a maximum of £5000 which can be used to fund specialist advice from Information security specialists that they otherwise would not be able to afford.  These initiatives are designed to increase the resilience in the UK business community to cyber attack. Ed Vaizey digital economy minister has said “We want to protect UK business against cyber attack and make the UK the safest place in the world to do business online.”

It is imperative that all businesses of any size understand the cyber threat and the effect this has on their entire supply chain network. Always know who you are doing business with and take steps to ensure you know how they are protecting your information assets.

In addition to assisting many ‘blue chip’ clients we also provide information risk assurance to smaller organisations. Often this can be quickly assessed with our ASSURITY product. Please do get in contact if you need some advice.

Kerry Housley

Kerry.Housley@broadgateconsultants.com