2 minute read
Operational Resilience: What Have U-Boats Got To Do With It?
Russia’s invasion of Ukraine has put geopolitics firmly back on the agenda. But, as we have seen, geopolitics and cyber risk are now inextricably linked. Hybrid warfare, not hybrid working, should be top of Network Managers’ agendas.
In 1942, eight German saboteurs rowed ashore on America’s East Coast, hitting land at Long Island and Miami. They had been dropped offshore by U-boats sent by Abwehr high command. Their mission? To destroy key economic infrastructure: hydroelectric plants in Niagara Falls; an aluminium company; locks on the Ohio River; a crucial piece of Pennsylvania’s railroad; and Pennsylvania Station itself. They wanted to take America out of the war, or at least demoralise its people enough to provoke civil unrest.
Hybrid economic warfare is nothing new, but the tools at malicious actors’ disposal are constantly evolving. In May, senior leaders from CSDs around the world met in Prague for the World Federation of CSDs. When they were asked “Which potential cause of systemic risk most concerns you in your market?”, 63% chose ‘cyber-attack’.
Managing Risk with Thomas Murray
Due diligence must never be a tick-box exercise. When banks fail, internal controls and procedures tend to break down as managers try everything to save the entity. When countries go to war the laws and regulations which govern asset ownership, liquidity and cross-border transactions are changed at the drop of a hat. Third Party Risk Management is about cutting through the PR and understanding fundamental risk.
Fouad Massabni, Head of ESG Commercial Offer, Societe Generale Securities Services
The cyber threat to capital markets is no longer theoretical. At the WFC, Oleksii Yudin, Chairman of the National Depository of Ukraine (NDU) described the wave of cyber-attacks that NDU suffered in the first weeks of the war. This, combined with the physical threat to NDU’s data centres in Kyiv, posed a serious threat to NDU’s mandate for asset safety in Ukraine. “A CSD cannot be allowed to fail under any circumstances,” said Yudin, because shareholders have a right to their property. NDU rapidly moved a data centre to western Ukraine and set-up cloud DR, if the first days of the war had gone differently, who knows how long it would have taken to recover records of holder rights.
Orbit Risk is the only comprehensive solution for Network Managers to monitor risk centrally. Orbit Diligence automates and digitised the DDQ process, Orbit Security allows you to monitor companies’ cyber security posture with data-driven ratings, and Orbit Intelligence gives you access to Thomas Murray’s unique suite of post-trade risk assessments, validated with on-the-ground due diligence, and realtime market intelligence from our unique network of support banks.
We are proud to be using the TNF Annual Meeting 2023 to formally launch our Cyber Risk Advisory practice. Join our cyber security experts at 8am on Thursday, 22 June to find out ‘How to break into a bank (and not get away with it)’.
Roland Thomas Associate Director Thomas Murray
*Source: World Economic Forum - Nature Risk Rising: Why the Crisis Engulfing Nature Matters for Business and the Economy World Economic Forum (weforum.org)
**Source: AFG Study Exercice des droits de vote par les sociétés de gestion en 2022 (afg.asso.fr)
