10/16/2019 | News release | Distributed by Public on 10/16/2019 13:04
Financial services firms are hit by cyberattacks 300 times more than other companies, according to a report from Boston Consulting Group. So it's no surprise that cyber-security is consistently ranked as the number one risk facing the global financial system in DTCC's Systemic Risk Barometer.
With global cyber-security spending predicted to reach US$200 billion / £144 billion per year between 2017 and 2021, investing in cyber-defenses has become a widespread priority among firms.
A key investment in forging a resilient cyber-defense is upgrading to TLSv1.2 or higher. 'DTCC already supports the latest encryption protocols in its platforms and services,' said James Lee, DTCC Chief Technology Officer 'We are asking clients to partner with us to strengthen the security of their connection(s) to DTCC to reduce the risk of their connectivity with us from being impacted.'
What is Transport Layer Security?
Transport layer security (TLS) is a protocol that provides communication security between client/server applications that communicate with each other over the Internet. It enables privacy, integrity and protection for the data that's transmitted between different nodes on the Internet. TLS is a successor to the secure socket layer (SSL) protocol.
What is Secure Sockets Layer (SSL)?
Secure Sockets Layer (SSL) is a standard protocol used for the secure transmission of documents over a network. Developed by Netscape, SSL technology creates a secure link between a Web server and browser to ensure private and integral data transmission. SSL uses Transport Control Protocol (TCP) for communication.
DTCC has accommodated clients that needed to use less than optimal encryption (e.g., SSLv3, TLSv1.0 and TLSv1.1) based on their respective preference. However, as cyber-threats against the financial sector become more frequent, complex and sophisticated, DTCC will require that TLSv1.2 encryption or higher is used by all firms who connect to DTCC beginning March 2020.
'DTCC takes the security of its clients' data seriously and continuously looks for ways to improve security,' said Andrew Gray, DTCC Chief Risk Officer 'To that end, we have identified an area of improvement to strengthen the encryption of data exchanged with DTCC to help counter emerging security threats.'
DTCC's move to a stronger encryption standard aligns with industry leaders, including Microsoft, Google, Apple and Mozilla, who have all announced their intent to end support for older / outdated browsers that do not support TLSv1.2 or higher.
'DTCC recommends that all clients ensure they are using the latest browser versions before March 2020. This will reduce the risk of connectivity issues and help ensure stronger protections for the data they transmit.' said Stephen Scharf, DTCC Chief Security Officer.
Contact [email protected] with any questions.