Market infrastructure consortium re-evaluates data protection as cyber threats evolve

Industry working group identifies opportunities to better protect financial market infrastructures’ data in case of cyber-attacks.

A group of market infrastructures, including the DTCC, Euroclear and LCH, have teamed up to assess data protection and validation in the context of evolving cyber threats.

Six infrastructure providers have delivered a new whitepaper to evaluate how Financial Market Infrastructures (FMIs) are protecting and leveraging data and explore options that firms should consider as they bolster their capabilities, including data recovery, reconciliation and replay.

The white paper suggests FMIs should regularly conduct a comprehensive evaluation of their applications to understand any critical interdependencies and identify opportunities for enhanced resiliency as technology evolves.

The report noted there is no standard approach to identifying the types of data that need to be protected, nor the manner in which that data should be protected.

The working group added that when facing a cyber-attack, traditional data replication strategies designed for physical or non-cyber disruptions have the potential to spread corrupted data to backup databases, including those within data bunkers and backup data centres. To tackle this challenge, the group sought to identify tools to address data recovery and validation issues, draw out key lessons and principles for using those tools, and identify areas that would most benefit from further industry collaboration.

The paper also highlights the need for greater industry collaboration around the creation of design principles for housing critical data sets in data bunkers and third-party sites; the need for further guidelines for minimising contagion; the adoption of common standards for assessing third-party risks to the ecosystem; the delivery of industry-wide cyber exercises by an independent party; and a common, yet flexible, definition of service criticality and its prioritisation around resumption.

“The operation of FMIs is based on the use and trust of data, and to perform effectively, FMIs must keep their transaction and position data, configuration data – which is needed to run systems, and application data protected and intact,” said Rachel Tyler, executive director, business resilience at DTCC and chair of the industry working group.

“Firms must consider how they can continue to improve data protection and validation capabilities to best defend and recover from cyber threats. We are pleased to have engaged with our peers on this paper, and look forward to seeing these efforts progress.”