WFE publishes update on industry cyber efforts during the pandemic

Published by: Nandini Sukumar, Chief Executive Officer, The World Federation of Stock Exchanges May 2020

The World Federation of Exchanges (WFE), the global industry group for exchanges and CCPs, has published a report detailing measures the industry has taken to adapt and enhance existing cyber resilience tools during the pandemic, as exchanges and CCPs across the world successfully moved to operate remotely.

Cybersecurity is consistently in the top quartile of exchange and CCP focus, according to the WFE’s regular surveys of membership priorities. Across the membership, market infrastructures have dedicated time and resources to contingency planning and the associated cybersecurity requirements. These efforts are typically subject to regulatory and supervisory scrutiny, as well as in-house or external auditor stress testing.

Among the specific challenges that market infrastructures have had to address during the pandemic: mass remote-working arrangements, remote collaboration tools such as video and audio-conferencing applications and third-party risk have taken on greater importance and required creative measures to manage them.

WFE members have all benefited from the use of established practices operating under dedicated teams and, where appropriate, standing up additional resources to facilitate the continued delivery of a safe and efficient marketplace.

These measures, and the shared learning from them, were coordinated at industry level by the WFE’s Cyber Security Working Group (GLEX) which forms part of the front line in the industry’s defence against cyber-attacks.

Nandini Sukumar, Chief Executive Officer, the WFE said: “As markets and businesses have grown electronic, market infrastructures now devote a greater amount of resource and time to ensure cyber resilience than ever before. When the current world-wide pandemic situation, hopefully, lessens and countries and companies implement measured return to work procedures, WFE members recognise there will be a new normal operating environment for all in which such measures must continually be monitored, reviewed and implemented to protect against future threats.”