UBS Rogue Trader: An Enterprise Security Wake-Up Call

The arrest of a rogue stock trader at UBS, one of the world s largest and most recognized banks, should serve as a wake-up call to all enterprises that many security threats actually come from inside their organization rather than from outside, according to security experts.

London police arrested a rogue trader with the Swiss bank on Sept. 15. In a terse four-line statement, UBS said the trader is suspected of causing an estimated $2 billion loss due to unauthorized trades. No client positions appear to have been affected.

While UBS has not named the trader, the Financial Times identified him as Kweku Adoboli, a director in European equity trading for the Zurich-based bank.

The UBS incident echoes what cyber-security experts have been saying for a while now: insiders are among the biggest threats facing organizations.

Damages inflicted on financial firms by managers, sales staff and other non-technical personnel averaged about $800,000 per organizations, according to figures collected by Carnegie Mellon’s CERT Program, a federally funded research center in the school’s Software Engineering Institute.

Organizations are "building walls" around the networks to keep malicious perpetrators out, but having difficulty defending against "potential menaces that are already on the inside of the fence," said Gregory Shannon, chief scientist at CERT. Nearly half of all inside attackers at financial services firms conspired with outsiders, and a third worked with colleagues to commit cyber-crimes, according to Shannon. Employees have also stolen intellectual property and sabotaged systems.

For more, read the eWeek article UBS Rogue Trader Underscores Insider Threats Facing Enterprises.

CIO Insight Staff
CIO Insight Staff
CIO Insight offers thought leadership and best practices in the IT security and management industry while providing expert recommendations on software solutions for IT leaders. It is the trusted resource for security professionals who need network monitoring technology and solutions to maintain regulatory compliance for their teams and organizations.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles