Collaboration between the financial services industry and government entities has increased in response to rapidly evolving cybersecurity threats, but both sides agree there is room for improvement. Experts at the SmartBrief Cybersecurity Forum in New York City on Tuesday identified increased information sharing and the enactment of legislation already making the rounds on Capitol Hill as two ways to enhance the security of today’s financial markets.

Policy Enhancements

Karl Schimmeck, managing director of financial services operations for the Securities Industry and Financial Markets Association, said cybersecurity initiatives undertaken by the Obama Administration earlier this year have spurred greater engagement from a host of government agencies. Schimmeck also cited the NIST Framework unveiled in 2014 as example of the government helping industry devise best practices that can be put to use by all firms – large and small.

Chris Feeney, president of the Financial Services Roundtable’s BITS technology policy division, said government could help by harmonizing state laws within the U.S. (read more…)

“Without financial services, nothing else happens.” So says Broadridge President and CEO Rich Daly. SmartBrief caught up with Daly on the sidelines of the 2015 Milken Institute Global Conference to discuss how financial services firms can turn technology challenges and operational burdens into competitive advantages.

What do you think about the potential of financial utilities?

I have heard this idea for a long time. The elephant in the room is that nobody in the history of the world has ever taken a single-entity platform and successfully converted it to a multi-entity platform. I am not saying it is impossible, but no one has ever done it. It is like taking a studio apartment and saying you want to convert it into a sports arena. I guess you could do it, but you are starting with something that is entirely different to begin with.

The answer is trying to take the infrastructure we already have and using technology to re-engineer it so it is truly less costly for everyone. (read more…)

With cybersecurity front-and-center in the board rooms and executive suites of virtually every major corporation, it stands to reason that some of the thought leaders at the 2015 Milken Institute Global Conference would have a few things to say on the topic.

Companies are starting to understand the business community has reached a “new normal” when it comes to cybersecurity, according to Brunswick Group CEO Susan Gilchrist. CEOs are becoming more engaged and are understanding they need to invest.

Ray Rothrock, chairman and CEO of cyber defense firm RedSeal, said a great deal of spending has transitioned from prevention to incident response and recovery. However, Rothrock cautioned that the solution is more complex than just boosting cybersecurity budgets. Rothrock said JPMorgan Chase is a prime example: The firm spends hundreds of millions of dollars per year on cybersecurity and it still got hit.

There are many relatively inexpensive best practices that firms can deploy to improve their cybersecurity. (read more…)

Operational risk management was on the minds of many attendees at the 42nd Annual SIFMA Operations Conference and Exhibition, held earlier this month in San Diego. Financial services firms have vastly improved their internal operational risk protocols, but one area set to attract increased scrutiny in the coming year is vendor risk management.

“You can outsource work, but you can’t outsource responsibility,” explained Thomas Ferlazzo, vice president of financial markets infrastructure at the Federal Reserve Bank of New York.

Everyone is familiar with the story of Edward Snowden, which serves as the most famous reminder about the risk third-party vendors and their employees can represent.

Sam Chari, executive vice president and enterprise risk manager for PIMCO, reminded the audience that employees are the first line of defense. Chari urged firms to focus on training employees about what levels of risk management are expected. He explained there is a difference between teaching employees how to spot threats posed by vendors and educating them about when to escalate such threats up the risk management chain-of-command. (read more…)

A few highlights and memorable quotes from Day Two of the 2015 Milken Institute Global Conference:

Pollster and message guru Frank Luntz on the importance of presidential contenders being able to connect with a crowd: “Barack Obama is the best teleprompter reader of all-time. John McCain? Stevie Wonder can read a teleprompter better than John McCain.”

Yahoo! Chief Information Security Officer Alex Stamos during a very informative panel on privacy and cybersecurity: “People talk about how we live in a “post-Snowden” world, but nothing has changed. None of the acts Snowden exposed have led to any legal changes in what the government can and can’t do. People worry about the pendulum swinging to far, but the truth is it hasn’t swung at all.”

Gene Sperling, former National Economic Advisor to Presidents Obama and Clinton: “If you are grading on a curve, then U.S. fiscal policy is an A+ because the stimulus worked. (read more…)