On December 9, 2015, Wells Fargo Prime Services and Eze Castle Integration hosted a panel on cybersecurity to discuss the current landscape. The panel featured leading industry experts including:
Eldon Sprickerhoff, Founder & Chief Security Strategist, eSentire
Stuart Levi, Partner, New York, Skadden, Arps, Slate, Meagher & Flom LLP
Vinod Paul, Managing Director, Eze Castle Integration
Timothy O’Brien, Supervisory Special Agent, Cyber branch, Federal Bureau of Investigation – New York Office.
Marc P. Berger, Partner, Government Enforcement, Ropes & Gray LLP
Marc Berger’s opening statements emphasized the extent of the cybersecurity threat currently facing firms across a wide swath of industries. He quoted FBI Director James Comey, who stated: “There are two kinds of big companies in the United States. There are those who’ve been hacked … and those who don’t know they’ve been hacked ….” (FBI Director James B. Comey, 60 Minutes, CBS TV Interview, October 5, 2014). Alarming statistics from the Ponemon Institute’s 2015 Cost of Cyber Crime Study, conducted with HP Enterprise Security, found that the average cost to resolve a single cybersecurity incident is $1.9M, and the average time to resolve is 46 days. Perpetrators range from nation-state-sponsored hackers and disgruntled/rogue employees to organized crime units, activists, and other thieves.
Times have changed. There is little doubt that the hedge fund industry has evolved in recent years with the rise of new regulations, the wide spread adoption of cloud services and deep focus on cybersecurity risks. These changes have affected the way many firms do business on both operational and technology levels.
But what effect do these changes have for the person responsible for technology at a hedge fund or investment firm? As a Chief Technology Officer (or comparable role: Director of IT, Chief Information Officer, etc.), one has historically been responsible for day-to-day IT functions and routine technology refreshes. But as the industry has experienced rapid change over the last several years, so too have the CTOs and their responsibilities.
If you’re one of the seemingly few firms who has yet to make the move to the cloud, it could be for a variety of reasons. Perhaps you want to maintain total control of your IT environment. Or maybe you’re waiting for a tech refresh to motivate you. Alternatively, it could be that you just haven’t made the proper case to management for switching to the cloud – and many times the one who really needs convincing is the Chief Financial Officer (CFO).
If you’re the Chief Technology Officer (CTO) or IT Manager, your responsibility is determining the infrastructure choices that are going to best suit operations at your firm. But those priorities may not line up exactly with those of the firm’s CFO. IT doesn’t always have insight into the financial ramifications of an operations decision of this magnitude. Instead they are typically focused on the other benefits including personnel reallocation, workflow efficiencies, etc.
The CFO, on the other hand, is ultimately tasked with ensuring the company’s financial decisions are appropriate, and therefore, it’s often advantageous to at least attempt to speak his/her language when pushing for an IT change.
To quote our latest Tech Tips video, "when things are good, they’re good. But when things turn bad, it could be downright scary," so here is our latest video that covers four signs you may be outgrowing your IT service provider.
People take vacations. Companies don’t.
Hedge funds, just like most financial firms, need staff to run their technology, handle special projects, build (and manage) complex applications and of course execute core business activities. But in many cases it is not realistic or cost-effective to keep everything in-house. Enter outsourced staffing.
Outsourced staffing options for hedge funds abound. So let’s take a look at five common outsourcing practices. If you want to learn about other areas to outsource your hedge fund's technology, read our Manager's Guide to Outsourcing here.
This article first appeared in HFMWeek's Special Report: How to Start a Hedge Fund in the EU 2015.
HFMWeek catches up with Eze Castle Integration’s executive director, Dean Hill, to discuss the importance of selecting the right business service providers and the key technology factors new funds must consider when starting out in the EU.
HFMWeek (HFM): Are you seeing a healthy market for new hedge fund launches in the EU?
Dean Hill (DH): Yes. I think going into 2016 we will see an increase in terms of the amount of new hedge fund launches across the UK and European markets. Not only are these launches coming more frequently, but their size, structure and launch AuM is greater than anything we have seen in the last two-to-three years. It is certainly on the uptake.
As cloud services continue to become increasingly popular among hedge funds and investment firms, there still seems to be an area of confusion that surrounds this technology. We've talked through Why Cloud Computing is Right for your Hedge Fund and Understanding Public, Private, and Hybrid Clouds. Now, let's look at three key elements to consider within the cloud: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).
In a SaaS model, firms are offered a complete range of applications via the Internet, all of which are managed by the hedge fund cloud provider. This means firms can forego upfront investments in servers and software licenses and pay a predictable per-user, per-month fee.
PaaS is the delivery of a computing platform over the Internet. The PaaS model enables hedge funds to create Web applications quickly without incurring the cost and complexity of buying and managing the underlying software and hardware. Firms have control over the deployed applications and environment-related settings. PaaS is great for firms creating or managing their own applications or looking for testing and development environments.
Among the many technology decisions your firm will face during the launch phase is selecting the appropriate telecommunications needs to power daily operations. High-speed Internet and voice connectivity are necessary to access market data feeds, communicate with investors and facilitate trade orders and other investment decisions. To help you make an informed decision about your voice and Internet needs, we’ve provided a few suggestions below.
The Internet, of course, is an essential vehicle for collecting and distributing market data, as well as communicating with your clients, investors and partners via email. You’ll likely find four Internet access choices, depending on availability in your area. There are benefits and drawbacks to each, as described below.
Following is an excerpt from our 21-page Guide to Hedge Fund Technology Outsourcing. Skip ahead and download the full paper HERE.
As technology continues to grow as an important competitive differentiator for hedge funds and investment firms, funds are continuing to leverage technology outsourcing as part of their operational strategies.
A variety of circumstances in the industry have driven this move to outsourcing including:
The changing economic environment as a result of the financial crisis;
Increased investor focus on transparency and operational risk; and
Rising overheard costs relative to owning, maintaining and monitoring one’s own technology infrastructure.
Hedge funds and investment firms can leverage outsourcing in a variety of ways – everything from help desks to document management, virtual Chief Technology Officers and other staff to disaster recovery plans, FIX connectivity and more. But regardless of the specific elements being outsourced, funds should look for a few baseline requirements as part of an outsourcing solution:
A secure physical infrastructure;
Efficient and reliable communications;
Data protection; and
Vendor strength and stability.
The following article originally appeared on HFMTechnology.
Although we are faced with change on a daily basis, especially in the hedge fund technology industry, keeping pace with ongoing tech metamorphoses does not come easy for everyone. Fear, the biggest contributor of hesitancy toward change, masks the opportunities innovation presents. Fear is what leads to IT limbo, and in an ever-evolving technology landscape, this effect can be crippling. However, with the support of expert IT service providers, the pains and fears of migrations and upgrades are alleviated.
In this article, we’ll examine the recent end-of-life (EOL), of operating system (OS) Windows Server 2003, its resultant challenges and how to overcome them.
Doing Nothing and Risking Everything
Windows Server 2003 extended support ended on July 14, 2015; however, not all users have made the transition to Windows Server 2012 R2. Why are firm’s remaining on an out-of-support OS?
The primary influencers are fear and a lack of sense of urgency to replace a still functioning OS. In the case of users still utilizing the legacy application, the risks they face largely outweigh the benefits. By doing absolutely nothing, firms are risking everything. As patches and bug fixes are no longer being provided, hackers have an unguarded entrance to access a firm’s sensitive information, passwords and banking accounts. This not only increases the firm’s odds of being hacked, but also raises the gravity of ensuing damages should an incident occur.
Additionally, if a firm’s network does crash that’s still deployed on Windows Sever 2003, the odds of finding expert support become increasingly limited with each passing year. This is predominantly due to the industry’s forward marching nature. An outdated system will only continue to fall behind in the race of technology, trouble shooting will take longer, future applications will fail to run, or crash the server altogether, and the cost to migrate increases concurrently as the pool of experts shrinks.
The bottom line is change is inevitable, and eventually 2003 will reach a point where the surrounding ecosystem won’t work with 2003 servers. Ultimately, MS will make it so the OS becomes inoperative as the company continues to evolve. So what can we do?