How to Plan for Withstanding a Cyber Attack on Market Maker Company — Part 1

Today market volatility creates enormous business opportunities for the finance world, and determined cybercriminals have started to recognize brokers and market maker companies as viable targets. Today we’ll take a look at how to withstand a cyber attack of an advanced and determined attacker against a fintech or specifically — a market maker company.

Alex Bodryk
3 min read · Aug 18, 2024

First, our technology infrastructure should be designed to complicate movement from an attacker and disaggregate cybersecurity and resilience risks for different kinds of workloads. For a fintech company, there would be 3 key security zones:

  1. Production (and related Pre-production).
  2. R&D.
  3. Corporate (and related User zone).

Each security zone would get its own:

  • Security protocols, including an access model and patching timelines;
  • A zone/asset owner — who is going to lose his job if this zone gets hacked or improperly managed?
  • An RPO (recovery point objective) and RTO (recovery time objective) to guide further planning of fault tolerance, backup and disaster recovery measures.

Second, moving between security zones should require passing a security checkpoint (or so-called security policy enforcement point). This could be M2M (machine-to-machine) checkpoints or user access checkpoints.

We can break down access checkpoints to:

  1. Security gates that prevent data exfiltration or limit access to only those who are authorized.
  2. Security checks — two-factor authentication (SMS/mobile app), security keys, biometric security keys, etc.

Matching each security zone to an access checkpoint is a unique mix for a specific FinTech company, taking into account which markets it serves (regulated or not), whether it has a payment gateway (further on, we assume it does), and whether it has become a known pot of money (a target) for cybercrime or nation-state actors.
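As an added example (not code from the article), a minimal policy enforcement point in Python that encodes the zone and checkpoint rules above: crossing a zone boundary requires authorization by the destination zone's owner, an M2M crossing requires a workload identity, and a user crossing requires a second factor. The zone names, factor names and the "production needs a hardware key" threshold are assumptions for illustration.

```python
"""Added illustration, not from the article: a cross-zone access checkpoint
(policy enforcement point). Zone names, factor names and thresholds are assumed."""
from dataclasses import dataclass

# The three security zones from the article (pre-prod is treated as part of production).
ZONES = {"production", "rnd", "corporate"}

# Second factors accepted at a user checkpoint (assumed classification).
HARDWARE_FACTORS = {"security_key", "biometric_key"}
SOFT_FACTORS = {"sms", "mobile_app"}


@dataclass(frozen=True)
class Request:
    principal: str                        # "user" or "machine"
    src_zone: str
    dst_zone: str
    factors: frozenset = frozenset()      # second factors presented by a user
    workload_identity: bool = False       # e.g. an mTLS client certificate for M2M
    authorized: bool = False              # destination zone owner granted access


def checkpoint(req: Request) -> tuple[bool, str]:
    """Decide whether a zone crossing is allowed; the reason string is meant
    to be logged so every boundary crossing is auditable."""
    if req.src_zone not in ZONES or req.dst_zone not in ZONES:
        return False, "unknown zone"
    # Movement inside a zone is governed by that zone's own security protocols.
    if req.src_zone == req.dst_zone:
        return True, "intra-zone move: governed by the zone's own protocols"
    # Gate 1: authorization by the zone/asset owner (limits access to the authorized).
    if not req.authorized:
        return False, "not authorized for the destination zone"
    # M2M checkpoint: a machine must prove a workload identity, no shared passwords.
    if req.principal == "machine":
        if not req.workload_identity:
            return False, "M2M crossing requires a workload identity"
        return True, "m2m checkpoint passed"
    # User checkpoint: a second factor is mandatory; production demands a hardware key.
    if req.principal == "user":
        if req.dst_zone == "production" and not (req.factors & HARDWARE_FACTORS):
            return False, "production requires a hardware security key"
        if not (req.factors & (HARDWARE_FACTORS | SOFT_FACTORS)):
            return False, "a second factor is required to cross zones"
        return True, "user checkpoint passed"
    return False, "unknown principal type"
```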

Third, making an attacker's life harder means segregating workloads and exposing each of them only to the minimum required to serve an end user.

Examples of risk disaggregation measures are as follows:

  • Front-end and back-end workloads cannot share the same Kubernetes cluster; if a shared cluster fails or is hacked, the entire platform would be in trouble.
  • Backup and infrastructure management tools (DevOps) have to be kept separate from the workloads they manage;
  • Prod and Pre-Prod have to be separate to avoid breaking Prod while performing testing or troubleshooting Production issues;
  • CDN and application load balancing technology are introduced, and a microservices architecture is employed to benefit from scaling and cloud services where required;
  • A multi-cloud approach is in place (for higher-maturity environments) so that the organization no longer depends on a sole cloud provider.

That’s it for today. Further on, in How to Plan for Withstanding a Cyber Attack on Market Maker Company — Part 2, we’ll discuss risk control, application security, security operations and business continuity controls for rainy-day scenarios. As for implementing a sustainable cyber resilience framework, the NIST Cybersecurity Framework can help too.
