Cyber threats present a potential systemic risk to the securities markets, according to a new report by the International Organization of Securities Commissions.
The research revealed that 53% of world exchanges had suffered a cyber attack in the past year. These attacks tend to be “disruptive in nature, rather than motivated by financial gain”, the report said, which distinguishes them from traditional crimes in the financial sector, such as fraud and theft.
So far, cyber attacks on stock exchanges have focused on non-trading, related online services and websites and have not come close to knocking out critical systems or trading platforms.
Fortunately, exchanges are well aware of cyber threats and prepared to prevent and respond to them. Some 93% of respondents have disaster-recovery protocols or measures in place to deal with the fallout of a cyber attack. All organisations are able to identify a cyber attack within 48 hours of it occurring and 93% report that cyber threats are discussed and understood by senior management.
But as it is impossible to achieve complete security in the face of a widely unknown and rapidly evolving threat, the vast majority (89%) of stock exchanges agree that cyber crime in securities markets should be considered a systemic risk.
Sally Percy is editor of The Treasurer