Some Things Don’t Just Stay in Vegas: Talking Cyber Security at SALT 2017

Some Things Don’t Just Stay in Vegas: Talking Cyber Security at SALT 2017

Some Things Don’t Just Stay in Vegas: Talking Cyber Security at SALT 2017

Last week the Options team took to Las Vegas for the annual SALT conference to sponsor and provide onsite IT support at the hedge fund industry’s largest get together.

Hosted by our client Skybridge Capital, the exclusive three day event was held in the Bellagio and over the course of the week welcomed an estimated 1800 delegates ranging from leading investment firms, business titans, political and economic leaders and media. Celebrity sessions are the norm for this conference and, this year, appearances from comedians Steve Harvey and Dana Carvey (not a double act, despite the rhyme), singer Jewel and former heavyweight champion Mike Tyson, peppered the agenda and provided entertainment amid the industry discussions (while The Gypsy Kings and Duran Duran kickstarted the evening festivities).

Every day, delegates flocked between the Bellagio’s Grand Ballroom keynote addresses and side session streams, eager to get the inside track for their investment strategies from stock predictions and portfolio diversification to the geopolitical climate which underpins it all.

Headlining the industry discussions were billionaire investors Dan Loeb of Third Point and Sam Zell of Equity Group Investments, former Federal Reserve Chairman Dr Ben Bernanke, former VP Joe Biden, former Presidential candidate Jeb Bush and ex Prime Minister David Cameron, among others.

It’s no surprise that there was heightened interest in all things cybersecurity following the WannaCry attack last weekend – echoed by prominent featured speakers: Alphabet (Google’s parent company) Eric Schmidt and ex CIA Chief John Brennan.

Fresh from ensuring our some 250 clients remained unscathed by the ransomware, Options CTO John Bryant continued the discussion as he took to the stage to caution about the prevalency and intensity of cyber vulnerabilities today.

Read on for a few of the notable takeaways on that theme.

Highlights: WannaCry and Cyber security dominated…

In one of the opening sessions of the conference, Eric Schmidt, Executive Chairman (& former Google CEO) of Google’s parent company Alphabet, addressed the importance of patching and ensuring individuals take responsibility for their operating system updates, noting that many government entities are still running Windows XP. Security technology firms saw an upside to recent ransomware attacks, he said, quoting a gain of more than 30% year to date for Fortinet, Symantec and Checkpoint (just some of the fundamental security technologies that are the bedrock across the Options Managed Platform).

On Day 2, former CIA chief John Brennan continued the cybersecurity narrative from a political perspective. He deemed cyber attacks as the biggest threat to the US and called for more collaboration between private firms and the US government to develop standards to protect the ever increasing digital society.

Later that afternoon in the panel “Fear Factor: Protecting Your Business From Cyber Security Threats”, delegates listened as our CTO John Bryant, alongside the FBI’s Aristedes Mahairas (Special Agent in Charge of the bureau’s Special Operations & Cyber Division) discussed the operational impact of cyber vulnerabilities, kicking off with the industry hot topic of WannaCry.

Linking to the recent NSA tools hack, John advised firms against ignoring the crippling threats legacy software presents.

Quoting recent statistics, John referenced the 1700 known security vulnerabilities detected across the top 7 software vendors to date this year alone – making that a remarkable 85 a week to keep on top of. The workload this presents to firms in terms of monitoring, managing updates, etc, means that cybersecurity best practice is ever changing and evolving.

While Agent Mahairas made reference to state-sponsored cyber crimes, he noted the oft-less reported insider threats, whether accidental or not, adding that organizations are slow to spot these and are susceptible regardless of how seemingly robust their defences are. He stated that the majority of entry points into networks has some sort of human interaction and called for more investment in educating the private sector workforce, adding that “technology is only secondary”.

He cautioned that while everybody is at risk, the capital market participants in particular – the hedge funds, the private equity firms, etc – are the biggest target for cyber crimes. They go to where the money is.

With over $100 billion in assets under management (AUM) supported by Options technology and infrastructure, John affirmed that while more due diligence and informed professionals are driving cyber defence systems, malware and phishing seem to be the root of exploitation and threat actors. He referenced the significant multi-million dollar investment Options has made in cybersecurity real-time alerting to detect these and mitigate against brute force attacks and rogue mobile threats, to name a few. He reminded the audience that regular pen tests will allow firms to have a cutting edge defence.

Ari echoed the need for outside specialists, and in particular spearfishing experts. Citing a recent FBI investigation, he claimed business email compromise is a common scam facing the industry with accounts payable departments the unwitting targets of funds transfer to unauthorized accounts. Something, John concurred, a robust business process would impede.

Concluding remarks: with the majority of compromise stemming from human interaction, user awareness needs to be taken seriously.

Join the #cybersecurity discussion:

If you haven’t already done so, you can join the #cybersecurity discussion at:

LinkedIn.

Twitter

Facebook

You can also watch our show highlights in this short video:

Click here to download our Cyber Security white paper.

Leave a Reply

Your email address will not be published. Required fields are marked *