Skip to main content
MENU
Subscribe
  • Sign Up Free
  • LOGIN
  • Subscribe
  • Topics
    • Alternatives
    • Consultants
    • Coronavirus
    • Courts
    • Defined Contribution
    • ESG
    • ETFs
    • Face to Face
    • Hedge Funds
    • Industry Voices
    • Investing
    • Money Management
    • Opinion
    • Partner Content
    • Pension Funds
    • Private Equity
    • Real Estate
    • Russia-Ukraine War
    • SECURE 2.0
    • Special Reports
    • White Papers
  • Rankings & Awards
    • 1,000 Largest Retirement Plans
    • Top-Performing Managers
    • Largest Money Managers
    • DC Money Managers
    • DC Record Keepers
    • Largest Hedge Fund Managers
    • World's Largest Retirement Funds
    • Best Places to Work in Money Management
    • Excellence & Innovation Awards
    • WPS Innovation Awards
    • Eddy Awards
  • ETFs
    • Latest ETF News
    • Fund Screener
    • Education Center
    • Equities
    • Fixed Income
    • Commodities
    • Actively Managed
    • Alternatives
    • ESG Rated
  • ESG
    • Latest ESG News
    • The Institutional Investor’s Guide to ESG Investing
    • ESG Sustainability - Gaining Momentum
    • Climate Change: The Inescapable Opportunity
    • Impact Investing
    • 2022 ESG Investing Conference
    • ESG Rated ETFs
  • Defined Contribution
    • Latest DC News
    • DC Money Manager Rankings
    • DC Record Keeper Rankings
    • Innovations in DC
    • Trends in DC: Focus on Retirement Income
    • 2022 Defined Contribution East Conference
    • 2022 DC Investment Lineup Conference
  • Searches & Hires
    • Latest Searches & Hires News
    • Searches & Hires Database
    • RFPs
  • Performance Data
    • P&I Research Center
    • Earnings Tracker
    • Endowment Returns Tracker
    • Corporate Pension Contribution Tracker
    • Pension Fund Returns Tracker
    • Pension Risk Transfer Database
    • Future of Investments Research Series
    • Charts & Infographics
    • Polls
  • Careers
  • Events
    • View All Conferences
    • View All Webinars
    • 2023 Defined Contribution East
    • 2023 ESG Investing
Breadcrumb
  1. Home
  2. CYBERSECURITY
January 04, 2018 12:00 AM

Wall Street aims to thwart a hacking nightmare for 401(k) accounts

Bloomberg
  • Tweet
  • Share
  • Share
  • Email
  • More
    Reprints Print
    Bloomberg

    U.S. financial firms plan to expand a secretive project protecting bank accounts against crippling cyberattacks so that it will also guard trillions of dollars in investment funds.

    The industry-led project, called Sheltered Harbor, already is known to back up data for savings and checking accounts. But quietly, it's wrapping in data on retail brokerage accounts at some of the nation's largest firms, according to participants. And ultimately, the goal is to expand it to an even heftier pool of 401(k) accounts and pension funds, whose breach could upend global markets.

    Sheltered Harbor, which began coming to light over the past year, already includes about 50 firms that collectively hold roughly two-thirds of retail bank accounts. The project relies on a "buddy system," in which companies pair off, promising to step in for their partner with a backup set of account information if hackers succeed in erasing or locking up files.

    The idea came in 2014 after hackers ravaged Sony Corp.'s U.S. film unit, deleting troves of data while leaking upcoming movies and embarrassing emails. But in this case, the global financial system is at stake.

    "Being able to restore a network quickly is one of the most crucial elements for coping with cyberbreaches and increasing resilience," said Edward Stroz, co-founder and co-president of Stroz Friedberg, a cybersecurity firm. "Sheltered Harbor is the financial industry's way of showing how it can perform disaster recovery and thus maintain consumer confidence."

    After the Sony attack, bankers conducting periodic cybersecurity exercises realized that a similar assault, even on a relatively small firm, could damage confidence in the financial system. One worry is that consumers could be spooked by a severe attack on one bank, then rush to pull funds from their own institutions, setting off a sweeping run. A similar scenario could play out with securities accounts.

    Sheltered Harbor's members include the nation's largest lenders, such as J.P. Morgan Chase, Bank of America and Citigroup, as well as U.S. regional banks and some smaller firms (other names are secret like many other details). It's a subsidiary of the Financial Services Information Sharing and Analysis Center, whose nearly 7,000 members range from multitrillion-dollar asset managers like State Street Corp. to retirement plan providers, insurers and other financial firms of all sizes.

    Though a number of big firms have kept daily backups stored in secret mountain hideouts for years, that's not much help without a functioning network. So, Sheltered Harbor's members use a standard format to back up account data and collaborate with a partner company that can take over in an emergency.

    If one company's computer system is devastated, the backup account data can be activated on the partner's network, giving affected customers access to their accounts within 24 hours or so. Pairs are tasked with carrying out periodic exercises, using sample data to ensure they can recreate the other's services.

    The hope is that a stricken bank would soon restore its systems — hopefully within a few days — and resume control of its accounts.

    Systemic focus

    The aim is to prevent a stampede of retail clients. There's no plan to expand Sheltered Harbor to wholesale, institutional clients of the firms, according to executives.

    For the largest banks, whose institutional client businesses are probably just as large and important as their vast retail networks, the danger is that a disruption would still irreparably harm the company's reputation and business. But the point is to guard the broader financial system.

    In fact, some executives see Sheltered Harbor as a tool for resolution not recovery — as the regulators unwind the firm that has collapsed due to a cyberattack, its partner can provide access to retail accounts quickly.

    "Sheltered Harbor doesn't address the operational resiliency of member firms," said Trey Maust, who became CEO of the industry-funded operation this week. "Firms have their own continuity plans, and those typically address how to get back on one's feet after such a disruption quickly without losing clients or business."

    Complicated accounts

    Because some of the largest banks in the group operate major retail brokerages, data for those accounts already are included in the backups. Yet, organizers are still working out how to provide continuity for those operations.

    Offering basic payments capabilities for checking and savings accounts is relatively straightforward. But practices vary among firms for helping brokerage clients buy and sell equities, fixed-income products and other instruments — making it much more complicated.

    "You could have two different partners, one for your checking and savings accounts restoration, one for your brokerage accounts," said Sheltered Harbor's Mr. Maust. "But both partners need to have transaction capability."

    Related Articles
    Cybersecurity breaches cost companies billions in value; financial companies hi…
    SEC needs to up its cybersecurity game, Clayton tells Senate
    Cybersecurity becoming big ESG concern
    Cybersecurity getting attention of companies, too
    Cybersecurity, big data headline P&I's defined contribution conference
    Express Scripts clashes with DiNapoli over cyberrisk disclosure
    SEC issues guidance on corporate cybersecurity disclosure to investors
    Commentary: Actions speak louder than words when it comes to cybersecurity
    Investment Association calls on money managers to collaborate on cybersecurity …
    Recommended for You
    ONLINE_190219935_AR_0_LOVNYGAFDXAZ.jpg
    Missouri Public Schools experiences email breach
    Will Hansen
    DOL guidance welcomed but some want it to go further
    San Francisco data breach could affect 74,000 participants
    San Francisco data breach could affect 74,000 participants
    The Institutional Investor's Guide to ESG Investing
    Sponsored Content: The Institutional Investor's Guide to ESG Investing

    Reader Poll

    January 25, 2023
    SEE MORE POLLS >
    Sponsored
    White Papers
    Show Me the Income: Discovering plan sponsor and participant preferences for cr…
    The Future of Infrastructure: Building a Better Tomorrow
    Outlook 2023: Opportunity in a volatile world
    Research for Institutional Money Management
    View More
    Sponsored Content
    Partner Content
    The Industrialization of ESG Investment
    For institutional investors, ETFs can make meeting liquidity needs easier
    Gold: the most effective commodity investment
    2021 Investment Outlook | Investing Beyond the Pandemic: A Reset for Portfolios
    Ten ways retirement plan professionals add value to plan sponsors
    Gold: an efficient hedge
    View More
    E-MAIL NEWSLETTERS

    Sign up and get the best of News delivered straight to your email inbox, free of charge. Choose your news – we will deliver.

    Subscribe Today
    December 12, 2022 page one

    Get access to the news, research and analysis of events affecting the retirement and institutional money management businesses from a worldwide network of reporters and editors.

    Subscribe
    Connect With Us
    • RSS
    • Twitter
    • Facebook
    • LinkedIn

    Our Mission

    To consistently deliver news, research and analysis to the executives who manage the flow of funds in the institutional investment market.

    About Us

    Main Office
    685 Third Avenue
    Tenth Floor
    New York, NY 10017-4036

    Chicago Office
    130 E. Randolph St.
    Suite 3200
    Chicago, IL 60601

    Contact Us

    Careers at Crain

    About Pensions & Investments

     

    Advertising
    • Media Kit
    • P&I Content Solutions
    • P&I Careers | Post a Job
    • Reprints & Permissions
    Resources
    • Subscribe
    • Newsletters
    • FAQ
    • P&I Research Center
    • Site map
    • Staff Directory
    Legal
    • Privacy Policy
    • Terms and Conditions
    • Privacy Request
    Pensions & Investments
    Copyright © 1996-2023. Crain Communications, Inc. All Rights Reserved.
    • Topics
      • Alternatives
      • Consultants
      • Coronavirus
      • Courts
      • Defined Contribution
      • ESG
      • ETFs
      • Face to Face
      • Hedge Funds
      • Industry Voices
      • Investing
      • Money Management
      • Opinion
      • Partner Content
      • Pension Funds
      • Private Equity
      • Real Estate
      • Russia-Ukraine War
      • SECURE 2.0
      • Special Reports
      • White Papers
    • Rankings & Awards
      • 1,000 Largest Retirement Plans
      • Top-Performing Managers
      • Largest Money Managers
      • DC Money Managers
      • DC Record Keepers
      • Largest Hedge Fund Managers
      • World's Largest Retirement Funds
      • Best Places to Work in Money Management
      • Excellence & Innovation Awards
      • WPS Innovation Awards
      • Eddy Awards
    • ETFs
      • Latest ETF News
      • Fund Screener
      • Education Center
      • Equities
      • Fixed Income
      • Commodities
      • Actively Managed
      • Alternatives
      • ESG Rated
    • ESG
      • Latest ESG News
      • The Institutional Investor’s Guide to ESG Investing
      • ESG Sustainability - Gaining Momentum
      • Climate Change: The Inescapable Opportunity
      • Impact Investing
      • 2022 ESG Investing Conference
      • ESG Rated ETFs
    • Defined Contribution
      • Latest DC News
      • DC Money Manager Rankings
      • DC Record Keeper Rankings
      • Innovations in DC
      • Trends in DC: Focus on Retirement Income
      • 2022 Defined Contribution East Conference
      • 2022 DC Investment Lineup Conference
    • Searches & Hires
      • Latest Searches & Hires News
      • Searches & Hires Database
      • RFPs
    • Performance Data
      • P&I Research Center
      • Earnings Tracker
      • Endowment Returns Tracker
      • Corporate Pension Contribution Tracker
      • Pension Fund Returns Tracker
      • Pension Risk Transfer Database
      • Future of Investments Research Series
      • Charts & Infographics
      • Polls
    • Careers
    • Events
      • View All Conferences
      • View All Webinars
      • 2023 Defined Contribution East
      • 2023 ESG Investing