Business

NZX looks to strengthen cybersecurity

14:38 pm on 21 December 2020

The stock exchange operator plans to beef up its investment in technology following disruption earlier this year from settlement, clearing glitches, and heavy-duty cyber attacks, but how much it will cost and who will pay is still to be figured out.

NZX chief executive Mark Peterson. Photo: RNZ / Dom Thomas

The NZX commissioned two reports on the problems, admitting it did not meet its own standards in certain areas of its technology systems.

Chief executive Mark Peterson said the reports made a number of recommendations.

"Recommendations included formalising the Technology Sub Committee of the NZX Board, enhancing its working relationship and communications with the ecosystem, a range of technical hygiene improvements which includes extending crisis management planning and bolstering NZX's IT organisational structure with some specific specialist skill sets."

He said a major upgrade to its core trading system would begin in March next year.

"This includes enhancing the Securities IT team and cybersecurity counter-measures, with related pricing to market participants to be considered."

The work would have an ongoing impact on costs, but would not be reflected in the company's 2020 result.

"The board has not yet considered the consequences on pricing for NZX services, but some cost recovery process is likely."

The NZX would work with the Financial Markets Authority to develop a plan regarding its technology resilience, and once this had been formalised it would be able to give a better idea of cost.

Some work has already been done - to increase the resilience and stability of its systems as well as strengthening its Distributed Denial of Service (DDoS) defences - following the cyber attacks.