Showing posts with label Cybersecurity. Show all posts
Showing posts with label Cybersecurity. Show all posts

Monday, April 26, 2021

25/4/21: Impact Finance perspective of the systemic threats to blockchain applications

 

New paper (pre-print version): 

Gurdgiev, Constantin and Fleming, Adam, Informational efficiency and cybersecurity threats: A Social Impact Finance perspective of the systemic threats to blockchain applications (April 25, 2021). Forthcoming, Chapter 12 in Innovations in Social Finance: Transitioning Beyond Economic Value, eds. Thomas Walker, Jane McGaughey, Sherif Goubran, and Nadra Wagdy, Palgrave Macmillan, 2021, Available at SSRN: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3834032

Abstract: 

Crypto-assets and blockchain technologies hold the promise of providing more secure systems for managing public and private data, enhancing public trust in data collection, and increasing the efficiency of social impact finance transactions. However, to-date, blockchain technologies have struggled to deliver on these promises. Specifically, cybersecurity threats to blockchain technologies are accelerating and becoming more impactful over time, generating growing risk to the use of the blockchain technologies in social impact finance services provision. Our analysis data on cybersecurity breaches involving cryptocurrencies trading platforms from 2014 through 2019 shows that cryptocurrencies markets have, to-date, failed to develop informational efficiencies necessary to sustain these technologies’ deployment in impact finance. Faced with increasing cybersecurity threats permissionless blockchain systems appear to be more vulnerable to shocks, than they were in the past. Cyber breaches in the cryptocurrency markets create major risk contagion pathways, which are dramatically increasing volatility of both directly attacked currencies and other major cryptocurrencies; as well as present an increased risk of system-wide attacks that threaten not only the accounting and transactional accuracy and efficiency of the crypto-based fintech solutions, but also the data stored using public blockchain protocols. These findings lead us to conclude that, absent dramatic improvements in the regulation of cryptocurrencies and exchanges, public blockchains based on traded crypto-assets are not suitable for large scale deployment in social impact finance applications.




Saturday, September 21, 2019

20/9/19: New paper: Systematic risk contagion from cyber events


Our new paper, "What the hack: Systematic risk contagion from cyber events" is now available at International Review of Financial Analysis in pre-print version here: https://www.sciencedirect.com/science/article/pii/S1057521919300274.

Highlights include:

  • We examine the impact of cybercrime and hacking events on equity market volatility across publicly traded corporations.
  • The volatility generated due to cybercrime events is shown to be dependent on the number of clients exposed.
  • Significantly large volatility effects are presented for companies who find themselves exposed to hacking events.
  • Corporations with large data breaches are punished substantially in the form of stock market volatility and significantly reduced abnormal stock returns.
  • Companies with lower levels of market capitalisation are found to be most susceptible to share price reductions.
  • Minor data breaches appear to be relatively unpunished by the stock market.

Wednesday, April 25, 2018

25/4/18: Dombret on the Future of Europe


An interesting speech by y Dr Andreas Dombret, Member of the Executive Board of the Deutsche Bundesbank, on the future of Europe, with direct referencing to the issues of systemic financial risks (although some of these should qualify as uncertainties) and resilience of the regulatory/governance systems (I wish he focused more on these, however).

Sunday, March 25, 2018

25/3/18: Quantum computing and cyber security: a perfectly VUCA mix?

One interesting topic worth discussing in the context of VUCA and systemic resilience is quantum computing. The promise of quantum computing offers a prospect of altering completely the existent encryption methods effectiveness. 

Here is one view:  https://www.sciencedirect.com/science/article/pii/S1361372317300519 suggesting that quantum computing is not a threat to current cryptographic systems, although the core argument here is that it is not a threat in its current state.



There is a lot of technical stuff involved, but an interesting topic from geopolitical risks perspective for sure, and involves long term strategic positioning by the usual adversaries, the U.S. and China. 



Thursday, September 7, 2017

7/9/17: What the Hack: Systematic Risk Contagion from Cyber Events


We just posted three new research papers on SSRN covering a range of research topics.

The second paper is "What the Hack: Systematic Risk Contagion from Cyber Events", available here: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3033950.

Abstract:

This paper examines the impact of cybercrime and hacking events on equity market volatility across publicly traded corporations. The volatility influence of these cybercrime events is shown to be dependent on the number of clients exposed across all sectors and the type of the cyber security breach event, with significantly large volatility effects presented for companies who find themselves exposed to cybercrime in the form of hacking. Evidence is presented to suggest that corporations with large data breaches are punished substantially in the form of stock market volatility and significantly reduced abnormal stock returns. Companies with lower levels of market capitalisation are found to be most susceptible. In an environment where corporate data protection should be paramount, minor breaches appear to be relatively unpunished by the stock market. We also show that there is a growing importance in the contagion channel from cyber security breaches to markets volatility. Overall, our results support the proposition that acting in a controlled capacity from within a ring-fenced incentives system, hackers may in fact provide the appropriate mechanism for discovery and deterrence of weak corporate cyber security practices. This mechanism can help alleviate the systemic weaknesses in the existent mechanisms for cyber security oversight and enforcement.



Sunday, April 16, 2017

15/4/17: Swift & Digital Money: Cybersecurity Questions


Swift, the interbank clearance system, has been the Constantinople of the financial world's fortresses for some time now. Last year, writing in the International Banker (see link here), I referenced one cybersecurity incident that involved Swift-linked banks, and came close to Swift itself, although it did not breach Swift own systems. The response from Swift was prompt, pointing out that there has never been a cybersecurity breach at Swift.

Well, it appears that the fortress is no more. Latest reports suggest that NSA (a state actor in cybersecurity world) has successfully breached Swift firewalls. Details are here:
http://www.reuters.com/article/us-usa-cyber-swift-idUSKBN17H0NX.

From financial services and economy perspective, this is huge. Take a macro view: for years we have been told that cash and physical gold and silver are not safe. And for years this argument has been juxtaposed by the alleged 'safety' of digital money (not the Bitcoin and other cryptos, which the Governments loath and are keen on declaring 'unsafe', but state-run Central-Banks-operated digital money). The very notion of e-finance or digital finance rests on the basic tenet of infallibility of Swift. That infallibility is now gone. Welcome to the brave new world where the Governments promise you safe digital money in exchange for privacy and liquidity, while delivering a holes-ridden dingy of a system that can and will be fully compromised by the various states' actors and private hackers.

Come here, doggie, doggie! Have a treat...

Monday, October 24, 2016

24/10/16: Hacktivism on the rise? Welcome to the well-predicted future


Given a rising prevalence and impact of the cyber attacks in recent weeks, here are some slides from my February 2016 course notes on ERM with warnings about the same back at the end 2015 - start of 2016:











Monday, June 13, 2016

13/6/16: Twin Tech Challenge to Traditional Banks


My article for the International Banker looking at the fintech and cybercrime disruption threats to traditional banking models is out.

The long-term fallout from the 2008 global financial crisis created several deep fractures in traditional-banking models. Most of the sectoral attention today has focused on weak operating profits and balance-sheet performance, especially the risks arising from the negative-rates environment and the collapse in yields on traditional assets, such as highly rated sovereign and corporate debt. Second-tier concerns in boardrooms and amidst C-level executives relate to the continuously evolving regulatory and supervisory pressures and rising associated costs. Finally, the anemic dynamics of the global economic recovery are also seen as a key risk to traditional banks’ profitability.

However, from the longer-term perspective, the real risks to the universal banks’ well-established business model come from an entirely distinct direction: the digital-disruption channels that simultaneously put pressure on big banks’ core earnings lines and create ample opportunities for undermining the banking sector’s key unique selling proposition—that is, security of customer funds, data and transactions, and by corollary, enhancing customer loyalty. These channels are FinTech innovations—including rising data intensity of products on offer and technological threats, such as rising risks to cybersecurity. This two-pronged challenge is not unique to the banking sector, but its disruptive potential is a challenge that today’s traditional banking institutions are neither equipped to address nor fully enabled to grasp.

Read more here: Gurdgiev, Constantin, Is the Rise of Financial Digital Disruptors Knocking Traditional Banks Off the Track? (June 13, 2016). International Banker, June 2016. Available at SSRN: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2795113.