Information technologies in the Moscow Exchange

History

2022

TAdviser interview with information security director Sergei Demidov

In October 2022, in the format of an interview, Sergey Demidov, Director of the Information Security Department, Moscow Exchange Group, took part in the TAdviser IT Security Day 2022 conference. Read more here.

5 New Calls for Information Security Director - Mosbirzhi Version

Information security issues in 2022 have become even more relevant than before. On the one hand, against the background of intensified cyber attacks, it is necessary to strengthen protection, and on the other hand, it is necessary to do this taking into account new challenges. How this can be done, said Sergey Demidov, director of the information security department of the Moscow Exchange group, speaking at the TAdviser SummIT conference on May 31, referring to the experience of his organization.

One of the calls is the need for import substitution, while the perimeter is blurred. The latter is due to the fact that during the pandemic, most of the employees of Mosbirzh switched to remote work. And in 2022, the Moscow Exchange, like many on the market, began to more actively attack cyber attackers. The main risk turned out to be that the company has a wide perimeter: because Mosbirge has a lot of its own IT development, it has test stands, and various management interfaces, etc. There was a dilemma: on the one hand, it is impossible to get rid of remote work, and on the other, you cannot afford such a wide perimeter.

Due to the fact that against the background of sanctions and the departure of Western vendors, some import solutions began to turn into a "pumpkin," the issue of import substitution became even more relevant. However, there are not so many devices on the market, and the company does not have so many funds to import everything, says Sergey Demidov. Therefore, the task arose to narrow the potential plane of attack and import substitution in a limited perimeter, while maintaining the ability to work remotely for employees.

The company began to abandon some autonomous systems, conducting a large-scale inventory, and focused on ensuring maximum security and import substitution in the most critical areas - providing services to customers and the state.

The second challenge involves strengthening the role of the state. Regulation of the information security sphere is increasing, new decrees are constantly being issued. They begin to slip words that only accredited centers for monitoring and responding to information security incidents will be able to provide security services.

It can be seen that they stopped trusting us, - said Sergei Demidov. - Unfortunately, this is often orthogonal to real protection.

At the same time, the state is ready to listen to the industry, because it does not want to "kill" the financial sector, added the information security director of Mosbirzhi. However, often no one comes to officials. You need to communicate with the state in order to change the situation for the industry: go to their meetings and meetings and comment on the documents coming from above.

Sergey Demidov also includes clouds among the challenges. With all the risks of information security associated with clouds, the situation pushes to still use them, because there are problems with technology, and then it will become even more serious. At the same time, of course, the most critical things should not be given to the clouds, but everything else is possible - for example, collaboration platforms, VKS, part of accounting and personnel processes.

At the same time, our cloud market is raw. Many large suppliers do not understand the security needs, they have not yet been formed for them. Google Cloud, for example, has a whole page of security services that can be selected like in a supermarket. We still have this in a very embryonic state, - says the information security director of Mosbirzhi.

Among the challenges is also the ability to calculate risks. It's an opportunity to start talking to business in one language. Business does not understand complex terms and abbreviations related to information security. For a conversation with business to be substantive and within the budget, you need to learn to consider the risks, said Sergey Demidov. There are different models for assessing information security risks that are constantly evolving, and each organization has its own characteristics of this process. It is necessary to show the manager the size of the risks and designate the most critical sections of the infrastructure, where it is impossible to "move" on the budget in the field of information security.

The fifth challenge, Sergei Demidov, marked a shortage of personnel. In view of this factor, it is necessary to pay attention to the development of the employer's brand. The modern information security director also has to think about the fact that the infrastructure is both safe and convenient. The latter is important for many IT/information security professionals - they are becoming more demanding of workplace conditions. Due to the lack of personnel, work with universities is also becoming more and more important, added the director of the information security department of Mosbirzhi.

There are more and more calls in the field of information security, and the environment in which the information security director has to work is becoming more complicated. This also changes its role: in addition to deep technical competencies, the information security director needs to be able to flexibly negotiate with the business and convey his position to him, with the state, as well as pay attention to the comfort of the working environment for information security specialists.

TAdviser SummIT took place on May 31, 2022 in Moscow. The event was attended by more than 900 delegates, more than 100 reports were made. Among the key speakers are the Minister of Digital Development of the Russian Federation Maksut Shadayev, Deputy General Director of RZDEvgeniy Charkin, Chief information officer of Uralchem Valery Fokin, Vice President for IT at Evrazholding Artem Natrusov, Chief information officer of Lenta Sergei Sergeyev and others.

2021

Sergey Demidov, information security director of the Moscow Exchange, on the prerequisites for a new information security agenda in the financial sector

Information security risks have evolved and changed orientation, believes Sergey Demidov, Director of the Department of Operational Risks, Information Security and Business Continuity of the Moscow Exchange Group. At the TAdviser IT Security Day conference in October, he shared his vision of new information security risks and the prerequisites for forming a new information security agenda in the financial sector. Read more here.

How to insure against the situation "everything is gone" - Managing Director of Mosbirzhi for IT Andrei Burilov told at TAdviser SummIT

Moscow Exchange, Russia's largest trading platform for securities, derivatives, currencies and goods, is actively overgrown with individual customers: by the end of 2021, it expects 15 million retail customers. Over the past year, the exchange has increased its operating time: previously, trading was conducted from 10:00 to 18:00, and now - from 7:00 to almost 00:00. This gave her access to all regions of Russia and allowed her to increase the number of individual clients. The figure of 12 million has already been reached, and it is individuals who conduct more than 60% of evening trading.

Speaking at the TAdviser SummIT conference on May 26, 2021, Andrei Burilov, board member and managing director for IT at the Moscow Exchange, told how the business continuity of this large-scale organization is ensured, and what allows it to compete with world companies of the same business profile.

According to Andrei Burilov, the uniqueness of the Russian exchange site, laid down back in the 90s, is as follows: it checks what is happening in real time, unlike other sites where this happens at the end of the day. The Moscow Exchange needs to ensure such a speed of processing applications in order to have time to check them and at the same time compete with the best world platforms for speed. Speed ​ ​ is an element of a competitive advantage that distinguishes the Moscow Stock Exchange among others, Andrei Burilov emphasized.

Up to 4 trillion rubles are "pumped" daily on the exchange, this is about 110 million processed applications at peaks of up to 160 million. At the same time, speed is ensured at the level of the best world sites, said Andrei Burilov. Load tests show that the platform has 2-3 times the performance margin.

The Moscow Exchange has da data centers operating in active-passive mode, when some of the resources are in standby mode. The company cannot use the active-active mode, Andrei Burilov explained, because in addition to developing the direction of individual clients, the exchange historically provides high-frequency trading opportunities when transactions occur as quickly as possible, and exchanges compete to provide the fastest access. For such access, participants sometimes place their servers as close as possible to the exchange servers. But the exchange must provide equidistant opportunities for everyone. Therefore, it can only be in active-passive mode, when trading takes place in only one location, and only there the exchange can spend a working day.

The company regularly checks with participants the possibility of accessing information in data centers; at each release, she and the participants check the possibility of migration - conducts a disaster recovery test; a site loss migration test is also performed.

An interesting feature is that the Moscow Exchange has the opportunity to continue trading using a mobile, movable office on wheels. This allows you to continue trading even if all the company's sites are inaccessible - to ensure business continuity, no matter what, Andrei Burilov explained.

And monitoring is provided, on the one hand, classic (monitoring of servers, networks, availability of services) based on open source and commercial technologies. And on the other hand, there is a peculiarity - monitoring of trading systems, where specialized technologies are used for this, allowing you to track the activity of participants, trends.

When we see that the flow is 140 thousand transactions per second, it is no longer possible to track some patterns with your eyes. You can only look at some patterns of behavior and see that something has gone wrong, and this can lead to the suspension of trading, if we see by indirect signs that some participants do not have access to the systems at the moment, "Burilov explained.

With the existing volumes in the Moscow Exchange, they thought about doing umbrella monitoring. The monitoring classes that are configured in the company allow you to track correlations between them - some events affect others. Here Andrei Burilov addressed the participants of TAdviser SummIT:

If you have suggestions on how to build this system, then come, we will gladly communicate with you. Now the task is to build such a portal, with the help of which we will be able to make predictive monitoring in the future, which will allow us to predict what we will have at such volumes.

The company also develops a theme that allows you to see yourself through the eyes of a client. Access to the exchange occurs through brokers. The approach assumes that the Moscow Exchange, as it were, becomes a client of one of the brokers. And it is necessary to build an infrastructure that would allow minimal transactions to check the viability of both their systems and broker systems.

The TAdviser SummIT conference, held in traditional offline mode, has become one of the largest in the history of its holding: in total, more than 700 delegates attended the event. Also at the exhibition within the framework of the summit, the most extensive exhibition of IT solutions in the history of the event was presented: suppliers of products and services deployed 21 stands. In total, about 100 speakers spoke in the plenary part and the five parallel sectoral sessions that followed. The event was supported by the Ministry of Digital Development of Russia.

Director of Information Security of the Moscow Exchange Sergei Demidov - on the growth of cyber attacks and a new defense strategy in an interview with TAdviser

Moscow Exchange expects 15 million retail customers by the end of 2021. And as it grows in individual clients, its attractiveness to cybercriminals also increases. And the pandemic only adds fuel to the fire. Sergey Demidov, [1] Director of the Department of Operational Risks and Information Security of this organization, spoke about what challenges in the field of information security faced by the Moscow Exchange, and how it answers them in an open interview at the TAdviser IT Security Day conference. Read more here.

2020: How IT is arranged on the Moscow Exchange. Architecture and Key Systems

On August 14, 2020, Andrei Burilov, Managing Director for Information Technology of the Moscow Exchange, at an online seminar for journalists, told how the organization's IT infrastructure was arranged and what work had been done on it. According to him, the IT infrastructure of the Moscow Exchange is distinguished by high availability and modern information architecture.

The high availability rate - 99.99% - is provided by a set of measures aimed at its maximum reliability, Burilov noted.

We have built modern development processes and established testing procedures, created special landfills that allow us to check the performance of new services and products. In addition, there is a policy of updating the fleet of equipment, according to which it is updated once every 4-7 years, depending on the reliability group of the information system located on the equipment, - said the managing director for IT at the Moscow Exchange.

The modern information architecture of the Moscow Exchange was created thanks to several measures:

• transition from a single trading and clearing core to independent, both software and hardware, trading and clearing components using a high-speed bus. In the future, when the autonomous trading mode is implemented, in case of failure of one or another part of the system, this will allow the rest of its components to continue to operate normally;

• implementation of an integration platform (ESB) for transactional services, which allows asynchronous interaction with elements of the entire trading and clearing complex;

• Implementation of an MDM system that allows you to build analytics and use it in working with data, which provides the foundation for predictive analysts or proactive actions;

• The development of a single storage and data marts based on a fast software and hardware platform, which provides information support for business solutions and regulatory requests through pre-calculated analytics and access to raw data.

The information architecture allows the Moscow Exchange to process 250 million applications per day and 140 thousand transactions per second, and the processing time of one transaction is 200-300 microseconds, the organization cites data. Along with speed, the information architecture of the Moscow Exchange is characterized by reliability. The balance of speed and reliability in it is in particular ensured by API-First harmonization and technological support for Canary Release.

But that's not the limit. We already have experiments showing that under certain scenarios we can already talk about the processing time of transactions in tens and units of microseconds, "said Andrei Burilov.

Speaking about the current digitalization projects of the exchange, he said that the company is moving away from filling out paper forms, moving completely to electronic interaction with both customers and counterparties, developing and improving web interfaces for interaction with them. The company also plans to implement the Digital Office project, which will allow its employees to interact remotely.

A new direction of the exchange is to enter the B2C market. In other words, working with citizens: providing them with access to products and services of financial organizations.

It involves the creation of:

• investment marketplace - systems for orienting a person in the market and understanding the right way to enter the market;

• financial marketplace - a system that provides a person with the opportunity to choose various financial products online, for example, deposits from a pool of banks without the need for a physical visit to credit institutions, and in the future insurance, investment products;

A person will not need to go to the department to open a contribution, it can be made using exchange tools, - explained Andrei Burilov.

Another new area of ​ ​ activity of the exchange is the export of exchange technologies.

We have very good experience with KASE stock exchange of Kazakhstan. In early August, the functionality of our systems was fully operational there in the stock and money markets. Our colleagues in Kazakhstan are very pleased with them. We are also negotiating with other countries. First of all, with the CIS countries, - said Andrei Burilov.

It is noteworthy that the share of IT specialists in the staff of the Moscow Exchange, according to him, is significantly higher than in other Russian financial structures and in business as a whole. The total number of IT specialists - both full-time and freelance - is about 600 people - and this is about half of all employees. In the entire group of companies of the Moscow Exchange, one of which is it, the number of IT specialists exceeds 1000 people.

The key thing that we are doing now is focusing the main expertise among the company's full-time IT specialists. This implies a sourcing strategy for the exchange, the purpose of which is to balance the value, quality of expertise and risks associated with its departure. In addition, we are optimizing the IT staff involved in accompanying processes, since automation of processes, proactive monitoring allow us to abandon manual operations, "said Andrey Burilov.

2013-2018: Information Systems Development

In September 2016, load testing was carried out at the Moscow Exchange, one of the goals of which is operational testing of the TCS DPC DataSpace complex as the main one (More on the project). here

See also

• Harvest Trade and clearing system of the Moscow Exchange for agricultural products
• Moscow Exchange Marketplace
• National Settlement Depository (NPO NSD JSC) Non-banking credit institution
• National Commodity Exchange (NTB, Moscow Exchange)

IT projects in the Moscow Exchange

{{# ITProj: Moscow Exchange (MICEX-RTS)}}