When I look back at businesses over the years, IT people were at the bottom of the pile. They were the embarrassing ones the company hid in the basement or darkroom somewhere not to be seen by the business. Perhaps it was the way they dressed? T-shirt, socks and all in a corporate environment. Oh, and there were language differences too.
A conversation with an IT help desk went like this;
You:” Hello, my application is frozen.”
IT: “Have you tried restarting your computer?”
You: ” Well, no. Why do I need to restart my computer?”
IT: “*&(#!! .Jargon speak”
You: “Ok. I will restart my computer now.”
You restart your computer, and it works! Wow, how did they know this was what the issue was? They are so smart.
You: Hello, I am unable to connect to an application.
IT: Was the “exe” installed?
You: What is “exe”?
IT: It is the executable that runs when you click on your icon.
IT: In your search type “cmd” and go to the command window.
You: Where is the search?
You: I am in the command prompt.
IT: Type “ipconfig” …..
The acronyms are still there, but it is not limited to IT. You spend years learning how to spell words, only to contract them for whatever reason. A simple example will be, the “DB” is up and running? Are all the “apps” deploy correctly? Do we need to install “SSD’s”?
Fast forward many years later, we are now fully trained to restart our computers when we have issues. We know to save our work—years of hard work to prepare the masses to use computer technology has finally paid off. We are now in the cloud.
IT staff can now remote to your desktop and not ask you silly questions.
People are now using technology to make everyday life easy. The IT guy, well most have been brought out of the darkroom, and the sun is shining on them.
They are now the superheroes of the world. During the pandemic, IT companies are enabling businesses to move online. I know people are still asking were online is and what it means to be online, but that is a question for another day.
IT is here to stay. As we go into 2021, it will be interesting to watch how technology hardware and software will evolve.
In case you are still wondering what “IT” is, well, you can ask Siri or Cortina.
Security breaches are occurring every day. The world will forgive you for thinking you have your antivirus, security software and all locks in place to protect you and your company.
A companies data refers to all the companies digital asset, which includes company emails, voice mails, files and lots more.
What is a security breach? It is merely unauthorised access. You have a security breach in your house if strangers walk into your home and help themselves to your belongings. Some may force the lock (brute force), some may tailgate you into your house and hide, others may make a copy of your key and open your door.
The concept is similar for your data. Your application is the interface that gives you access to your data. When thinking about your companies digital assets, you will not only have to think about the security of your application; you also have to think about securing all steps that lead you to your application. Ideally, the company should carry all analysis long before deploying the application into a production environment.
Let us go back to your home security, if you have your gold stored in a safe in the wall of your study and put a picture over it. Do you lock the door of the room and leave the main house and gate wide open? No, you still have security in your home.
Let us look at some of the steps leading to the execution of an application.
Turn on your computer or mobile device
Log in to your computer
Access your application that lives on your computer or
Access application that lives in the cloud.
There may be more but I will address these simple steps in this writeup.
When you turn on your computer, if in the past you had
Visited some strange site
Used a USB key that someone gave to you for free
Clicked on a link in an email
When you turn on your computer operating system boots up, one of the above processes may have installed malicious software to execute on boot. Some may capture your keystroke and use this to obtain your password—one gate down, now to the next.
You now log into the application that gives access to your data. So what happens is that your invisible key logger now also has access to your data and you do not know it. Wow, now how do you know that there is a stranger on your system? You have to be actively monitoring to know.
Most social media sites will send the owner an email to say “you logged in from this IP is this you?”. These sites already have implemented security by default. For companies with legacy systems, this is not always the case. So they will never know unless they redesign their security framework.
What if you are an application administrator and your password was hacked? Well, you are doomed. Unless you have a process that informs you when data over a certain number of rows have been retrieved and notifies you, you will not know. Or perhaps you have an algorithm that notices unusual pattern in your access and typing and sends you an email. Assuming the hacker does not get there first.
Let’s face it the prominent hackers are not going to retrieve data row by row? They are going for your whole database or whole directory files and disk.
As part of your security framework for your company, you have to implement security for:
data at rest and in transit
monitor changes to files
monitor changes to directories
remove all unused applications
change passwords regularly* avoid using default usernames and passwords, and that includes using your name as a username.
Limit the number of times a user can try to log in
Lock user out ofter x number of tries
Force password change after x number of tries
Encrypt your data by default
Protect your users from themselves. Educate them on security matters
Users should avoid clicking on links in their email. Check who it is sent from first.
This is by no means an exhaustive list, but it is a start. Check all gates to your systems and secure them.
*The frequency of password change should be assessed by individual companies. We now have GPU’s that allows hackers to run code-breaking algorithms quicker. Think of ways to break their tries.
Deutsche Börse buys majority shares in Quantitative Brokers – an independent provider of advanced execution algorithms and data-driven analytics for global futures, options, and interest rate for expansion in the buy-side markets.
The transaction repositions Deutsche Börse closer to the source of trading interest in the buy-side value chain.
Creates synergies in quant competency with Quantitative Brokers
Thomas Book, Head of the Trading & Clearing Division of Deutsche Börse and Member of the Executive Board: “We are investing in a growth business with a renowned, innovative and leading quant team delivering a unique set of competencies in algorithmic execution. The exciting QB platform and team are a perfect fit with both our existing business and our long-term strategic perspective.”
Christian Hauff, CEO and co-founder of Quantitative Brokers: “The QB team is thrilled to join Deutsche Börse’s portfolio of strategic companies to accelerate further our institutional client uptake and global expansion across markets and asset classes. Our partnership with a 30 billion-dollar, global, multi-asset exchange group will provide even greater momentum to our growth plans.”
Robert Almgren, Chief Scientist and co-founder of Quantitative Brokers: “Deutsche Börse’s global relationships with buy and sell-side customers will help us add value to an even broader range of clients. Our intelligent solutions will provide them with additional tools to better manage order execution in an increasingly complex market environment.”
Let us first define the challenge, which is to open different parts of the global economy in a synchronous manner that is multi-connected to various geolocations simultaneously with heterogenous health risk profiles.
The global geolocation opening solution for every given location or region is to create an algorithmic output, that sequences the timing of opening for every geolocation based on the acceptable minimum health risk tolerance profile for all its connected geolocations, both domestic and global.
The global geolocation opening solution is achieved using a comprehensive standardised database for all the geo-connected health risk profile. The economic opening algorithm then gives the optimum opening date for every geo-connected location or region, ensuring continuously that the minimum health risk exposure is respected based on its real-time health risk data capture.
Let me start by defining a digital economy as a collection of known and newly-added markets, each made of traceable, verifiable, auditable, transparent, coherent and economic value-oriented transactions between legal sellers and buyers of services and products that can be digitally reversible, if permissible by a digital intelligent contract, based on a set of digital regulatory lifecycles captured in a given market ecosystem.
The design of any digital platform requires the ability to create a new autonomous market, using a designated internal API in onboarding new markets, in an orderly and fair manner. A New digital market should utilise innovation hubs, to allow incorporation of viable tested digital markets, shared services, products, participants, market structure, updatable system innovation and transactions. Every market should support a versioned system component until it is superseded by a new version. Each digital market can have a static or dynamic market scope — national, regional, system-defined or international reach.
Any digital onboarding process requires a digital business case that is reviewed against market factors that can be defined by the digital market listing risk framework.
A digital market structure is configured with an associated single or multiple market infrastructure based on market scope. The market infrastructure interface allows interoperability of markets and transactions. The market availability is real-time with 24/7 – global, region, country-group or country-specific services. For maximum flexibility, platforms can allow configurable business opening and closing daily operational times. A digital market should allow the inclusion and exclusion of markets by regulatory jurisdictions.
Each component of a digital economy, market or transaction requires the business concept of activation, deactivation and migration. Some digital markets will have limits and trigger thresholds and the ability to set transaction chains for transaction completion.
Every market needs an internal notification mechanism to alert its digital monitoring authority regarding any internal market dislocation, signalling a market resolution or intervention process. In this architecture, market disruptions are kept to a minimum enabling high availability. A dynamic rerouting digital service can be inherently enabled to allow internal market repair and resilient in situations of supply or demand disruptions in a given market structure.
Every digital market mandates a form of risk identification and management framework with reporting capabilities to both internal and external stakeholders. Stakeholders require a mechanism for resolving of services and product delivery disruptions.
A digital market might require a central regulator, which can be a dynamic smart super participant in a given market or markets to administer the role of market or service governance. The architecture of a digital market should be flexible to accommodate data privacy, data protection, multi-currency product pricing, cross-broader transactions, digital payment services, digital central bank currency options, digital central bank settlement options, secured digital vault, digital ledger mechanism as a single source of truth, unsupervised autonomous AI embedded with accountability and explainability using acceptable human assistance.
A digital market utilises a market surveillance system and a digital business architect required in creating new digital markets, services, products and transactions, enabling public or private market access to eligible market participants.
A digital market might incorporate the concept of market equivalence based on regulatory eligibility, market development governance principles. A digital market can adopt multiple linguistic digital-platform in a multi-cultural country or international market settings.
A new digital economy is like learning a dynamic language, where both the public and private sector are continually collaborating for the advancement of each participant in the service and product delivery chain, using the optimum supply delivery mechanism for all internal and external stakeholders.
A new digital market or platform operates on the foundation of the unity of all stakeholders to create a new inclusive, fair industry-agnostic market.
Every digital market or platform — domestic, regional and international will cater equally for both wholesale and retail participants in the delivery of services, products and value.
Each new digital market needs to be transparent in onboarding all sellers and buyers for available services and products using a multi-currency pricing order model capture in compliance regarding the associated regulations, if permissible.
Every participant should have both market and transactions specific profile, which assist in managing digital market risk. Participants should be able to define acceptable market criteria.
A digital market needs a pricing strategy that uses either a combination of positive prices, negative prices, discount prices with transaction settlement in cash, securities, digital securities, digital-money, asset-based digital money like a stable coin.
A vital aspect of any digital market is the robustness of its pricing mechanism being flexible to accommodate both price-driven and algorithm-driven by AI. The AI algorithm should be flexible and configurable to be triggered by market tradable indicators or trends.
A digital market should have the capacity to notify all market participants of new unforeseen market trends.
Each digital market will support transactional scalability in domestic, regional and international markets. A digital market needs the inherent capacity to adjust in an orderly manner to any disruptions to supply or demand of services and products.
The scale, nature and complexity of a digital market mandate a digital change-manager that mimics enterprise-wide changes weighted by stakeholders consent. A digital market needs the features of digital meeting, digital communication and digital collaboration from any system defined geolocation.
Every digital economy needs to shield its architecture from the following changes — technology, business model, regulatory, product and service with the addition of cyber-secure by design and default.
A digital market should have its communications API, internal process status reporting, critical business process dashboard, market thresholds, market trends analysis, settled transaction status etc.
Creating new digital markets will be the hallmark of the innovation cycle by delivering services and goods globally.
One of the key strategy of a digital ecosystem is transforming all data assets into continuous profit for its stakeholders, using innovative business models driven by a combination of DLT, AI, cloud and edge computing.
Strategic benefits can be initially realised from embedding automatic business and database processes in all enterprise solution, without manual interventions .The digital solution ecosystem, needs to support self-updaying process by design and default.
A practical application in a digital exchange model will be a smart exchange ecosystem that allows automated business case and model introduction using an updatable digital market structure supported with multi-jurisdiction digital regulatory inputs in facilitating a globally scalable digital exchange.
A vertically integrated digital exchange will then operate as a dynamic chains of financial digital services, fulfilling the entire lifecycle of services such as asset listing, trading,banking, insurance, asset management, clearing , settlement , payment and custody services.