Brad O'Brien, CEO Hatstand

Brad O’Brien, CEO Hatstand

One of the major threats facing financial institutions in the market today is data loss through a lack of proper preventative security.

That’s according to capital markets consultancy Hatstand, who sat down with IBS Intelligence at Abu Dhabi’s MEFTECH event. The largest threats are “ultimately data related”, says Nasir Kazalbash, EMEA Head of Regulation and Risk. Making the client data secure should be a top priority for banks.

“Transactional data is equally important”, adds Brad O’Brien, CEO. “If a third party can get access to a client’s database of proprietary trades or positions, this is sensitive market information that they can potentially exploit in their own trading strategies.”

“A lot of things are going to mobile apps and functionality and banks are going digital, so there’s a lot more surface area where attacks can happen,” states Rai Umair, Cybersecurity Technical Lead at Hatstand “It used to be websites, but now [attackers] are all going to mobile apps”.

When IBS Intelligence asks if mobile banking’s sudden ubiquity is a problem for banks, Kazalbash answers “absolutely”. “One of the things customers want is to see evidence of testing and ensure things are hack-proof.”

Big issues

It’s a problem for emerging players and established names, Kazalbash says, because both have to tackle fresh ideas and innovative tech: “There’s a big drive for digital banking and banks want to look into this area a lot more. It’s a big issue and quite a challenge”.

Data security is Hatstand’s bread and butter, according to O’Brien. The firm has launched a cybersecurity offering specialised to deal in data: “We have always ensured with tier one banks that we work with that they’re strong with their data security”.

“Most securities trading systems are relatively old and quite legacy – they haven’t been touched for a number of years,” adds O’Brien. “You have an environment where there is lots of data exchange between regulators, clearing houses and exchanges coupled with quite old core systems and that is a big risk.”

Just how aware are the banks of these risks? “They’re getting there,” says Kazalbash with a smile. When they get to the point where a decision is made about security, he adds, something else comes along and throws a spanner in the works: “[data loss] is a major threat but I think some banks don’t really get it”.

The good news, states O’Brien, is that now regulators are coming in and making a point of the need for security. Unfortunately, it’s often the case that banks only get serious when someone high up has to stake their reputation on it and guarantee safe data protection. Good preventative measures can stop the eventual embarrassment.

By Alex Hamilton

by Alex Hamilton
Alex is Senior Reporter at IBS Intelligence, follow him on Twitter or contact him at: