London Stock Exchange’s Turquoise trading system recently experienced a two hour stoppage. The speculation that this may have been a result of sabotage (as yet to be determined) draws timely attention to the threat to organisations from trusted insiders, either through human error or sabotage by those with malign intent.
Continuity of service, access to that service and maintaining confidentiality are vital for financial organisations and they typically concentrate on making sure they can recover from technical failures in these areas. The insider threat, which is just as serious, is often overlooked. Yet insiders typically create the most damaging problems. Any organisation that thinks it does not have an insider problem is not looking in the right places.
Opportunistic crime by insiders can be deterred without invading employees’ privacy. Patterns of behaviour can be monitored and provide advance warning of potential problems, allowing organisations to prevent them by tackling the underlying causes, including providing timely support to employees who need it.
Formulating a baseline against which employees’ behaviour can be monitored is a responsible and necessary step, particularly for financial services companies for whom security and trust is paramount.
This means taking a broader approach to operational risk and not just focusing on narrow technical issues. This will inevitably will require cultural change. It will also build market confidence by demonstrating that the financial sector takes the threat from insiders seriously.
To speak to one of PA’s experts about developing a strategy to protect against algorithms please, contact us now.