It won’t happen to me. Never. Cybersecurity issues are for large companies, banks, wealth management firms and the like. Why should I worry about it?
The short answer is that we ALL need to worry about it. Especially if we work with financial institutions, whose reputation is critical for their business success. Where relationships based on trust and a common commitment to manage risk are the most important thing.
Those relationships include employees on both sides of the supply chain. As well as the supplier itself. It’s often these employees who can cause the biggest cybersecurity challenges. Making it even more important to make sure that everybody in the organization adheres to cybersecurity policies.
In a recent report prepared for Euromonitor, the authors highlighted how most boards are not cyber-aware. In the report they address the problems that many Chief Information Security Officers (CISOs) face in their roles today. Especially as few of them speak ‘board language’.
To save time and minimize risk, it is critical for financial institutions to engage with suppliers who have a high level of cybersecurity policies in place. Especially if they have not developed a sophisticated infrastructure in-house.
Athena Systems – where cybersecurity is at the top of the agenda
Consistently ranked #1 for flexibility, service, and cybersecurity, Athena Systems develops and supports Athena Spark. Spark is a highly versatile OMS/PMS, compliance, and accounting system tailored to their clients’ specific needs.
United Fintech, the ‘one-stop-shop’ for innovative capital markets products, recently invested in Athena Systems. The cybersecurity risk appetite at United Fintech was within normal parameters prior to the investment. However, once United Fintech became aware of the level of cybersecurity that Athena Systems had put in place, they started upgrading their existing policies.
“After United Fintech saw the intensive improvements carried out by Athena Systems, the rest of the companies within United Fintech started to establish the same policies to guarantee cyber safety.” – Erik Nordahl, Partner & CTO
Athena Systems – placing security at the heart of everything we do
As a software-as-a-service firm, Athena Systems has always focused on cybersecurity. The company has been awarded an excellent score in cybersecurity by UpGuard Inc. of Mountain View, California. UpGuard is a complete third-party risk and attack surface management platform.
Each year Athena Systems are reviewed, each year they gain a higher ranking out of the 950 total points available from the ranking provided by UpGuard. This score currently sits at 947 out of 950. Placing it far higher than any other company in the sector.
“If you do not have world-class cybersecurity protocols, it is not a matter of IF your operations will be compromised by a hacker, but WHEN.”
The human factor
Identifying threats, assessing vulnerability, and mitigating the impact to the organization are fundamental to addressing cybersecurity threats. However, the biggest threat organizations face is due to the human factor.
Hackers and cyber-criminals are becoming more creative daily. Stories of pen drives being left lying on the floor in company car parks are just one example of how they try to find ways around company’s cybersecurity policies.
Internal employees must adhere to a long list of security and data policies within their companies. Its not just firewalls, emails and websites, there is far more to internal cybersecurity policies that are needed. In fact, when you make cybersecurity a company-wide priority, employee habits often follow. As such Athena Systems has created 29 policies, the company has a mature approach to security within the organization. Procedures are in place for employees to understand risks at every level of the organization.
Additionally, Data Protection is also at the forefront of everything that Athena Systems does. In this regard the location of specific servers is also a consideration for the leadership team at the firm. Ensuring that clients and employees equally understand the jurisdictional requirements related to the location of specific servers.
Following on from United Fintech’s investment into Athena Systems, employees across all United Fintech’s businesses now have a heightened understanding of cybersecurity. They all take pride in the fact that their systems are world-class.
The Cyber Risk Landscape
In 2019 the International Organization of Securities Commissions (IOSCO) submitted a detailed report designed to help participants in financial markets with Cyber Risk.
As part of the report, the IOSCO submitted the results of a survey amongst respondents within the financial industry. Most survey respondents (81%) consider Cyber Risk to be at least one of the most important risks, the most important risk, or a major risk faced by regulated firms in their jurisdiction.
The survey responses also illustrated that Cyber Risk is perceived as a greater risk in jurisdictions with higher GDP per capita (GDP per capita over $30,000).
The survey data, interestingly, suggests that there is no one core standard that dominates.
According to Gartner there are several IT Vendor Risk Management Tools, just like UpGuard, to help companies understand risks related to cybersecurity. The 2021 Gartner Cyber Risk Quantification Survey shows that while 80% of respondents measure risk with ordinal scales, 20% use statistical modeling techniques (e.g., Monte Carlo simulations), and 43% plan to adopt statistics-based risk quantification within the next two years.
Popular use cases for cyber risk quantification include prioritizing cyber risks and improved communication with risk owners, executive management, and boards. Notably, three of the top five use cases center on communication with enterprise partners.
Those who adopt cyber risk quantification believe that expressing risk in financial and business-relevant units will justify security investments, drive urgency around risk mitigation, and help business leaders decide to invest in cyber security.
What this means for financial institutions is that working with a supplier who makes Cyber Risk a priority within their organization, can ensure that some of their own risk is lowered.
Flexibility in trading solutions
Even though Athena Systems has the best level of cybersecurity on the market today, clients are still able to use Athena’s Spark with their own systems. They can access data and keep it on their own private clouds. Or they can choose to use one of the many cloud providers that are available on the market today.
Companies have differing levels of cybersecurity maturity. Some customers have advanced cybersecurity teams under a Chief Information Security Officer. Other organizations have designated data and security officers who help upkeep company standards. All these differing models can learn a lot from the approach that Athena Systems has. Just like United Fintech, who are now rolling out the same level of protection across all 5 companies.