Bailout a Boon for Tech Security Firms

A handful of technology firms are primed to step in to repair a badly beaten financial industry.

After a $700 billion federal bailout and a vast amount of bad publicity, a growing consensus is emerging in Congress and with the two presidential candidates that financial firms will need more oversight.

In particular, the government is expected to target such areas as mortgage lending, loose regulations and unregulated markets.

But even before new regulations are in place, chief information officers in the financial sector will be grappling with the recent flurry of bankruptcies and mergers and acquisitions.

All this figures to be a boon to tech companies that can help firms improve their data security, update their archiving strategies and reform their compliance and management systems.

Security

The upheaval in the financial sector has underscored the importance of keeping track of data as companies change hands through a wave of acquisitions and government takeovers.

"What's happening with all the data that's being 'liquidated'?", asked security strategist Rafal Los on his blog Preachsecurity.com. "Those behemoths of Wall Street hold terabytes of information - PIA (personally identifiable information) of all types."

Los said he is particularly concerned about the ability of firms to ensure that data on disks and tapes is secured or deleted.

The financial sector is hardly a stranger to this type of data breach, even in stable times. The Bank of New York Mellon ( BK), for example, recently lost backup tapes containing the personal details of some 12 million people, and the Bank of America ( BAC) lost tapes in 2005 that contained personal information on 1.2 million federal employees.

Encryption technologies for disk, tape, and even portable media devices, can go a long way to alleviate this threat. Check Point ( CHKP), and Seagate ( STX), for example, both offer "full disk encryption" technology and IBM ( IBM) has ramped up its tape encryption efforts in recent years.

There also is growing speculation that the federal government could tighten data security regulations. The Gramm-Leach Bliley Act already mandates data security, and it's possible more regulations could be enacted to cover the rapidly shifting financial landscape, pushing security further into the spotlight.

"Increased regulation typically means more data/data types to retain and secure, it also increases the management and reporting burden of the IT and compliance groups," said Vivian Tero, program manager for compliance infrastructure at analyst firm IDC.

"This is going to be a shot in the arm for many security companies," said Rob Ayoub, an analyst at Frost & Sullivan, adding that increased oversight could boost demand for data leak prevention software.

Data leak prevention software, which controls access to corporate data, is offered by several companies, including Symantec ( SYMC), and McAfee ( MFE).

"Generally I think that Symantec and McAfee will hold up better than most of the software sector," said Stifel Nicolaus analyst Weller, adding that sales to finance firms could help offset any slowdown in the companies' consumer businesses.

Archiving Email

Email figures to be an important source of evidence in court room battles over bankruptcies and industry re-organization.

As a result, financial firms may need to refocus their attention on archiving and searching their electronic missives.

Email, for example, features prominently in the case against Matthew Tannin and Ralph Cioffi, two former hedge fund managers at Bear Stearns accused of securities fraud.

With the credit crunch in full swing, lawyers are gearing up for a massive pay day. Some 43% of companies with revenue of $1 billion forecast an increase in litigation, according to research from law firm Fulbright & Jaworski.

"U.S. companies now anticipate an uptick in new actions and government probes," the firm said in a recent statement. " This appears to mark an inflection point for American business, and the start of a period of economic challenge that is likely to fuel litigation over who is to blame and who should pay for the consequences."

The Federal Rules Of Civil Procedure, which dictate that electronic documents must be produced as part of the pre-trial process, have already forced many firms to rethink their archiving strategies. In addition, IDC's Tero said that there is plenty more work to do, particularly if the government opts to strengthen the regulations.

"Keep in mind that these companies have already been struggling with the ongoing IT compliance and risk management requirements," she said. "More regulation just adds another layer of complexity."

Against this backdrop, firms could be spending big on software that can archive, search, and prevent emails from being deleted.

Companies handling archiving and e-discovery products include Hewlett Packard ( HPQ), Symantec, EMC, Computer Associates ( EMC), and Autonomy ( AU.L) .

Compliance and Risk Management

The need for better software to analyze the internal controls and audit procedures of companies is expected to grow as the Securities and Exchange Commission gets a better regulatory grip of the financial markets, especially in the area of credit default swaps.

SEC Chairman Christopher Cox recently described credit default swaps as a "regulatory black hole", bemoaning the "hidden risks" that contributed to the current economic crisis.

Other areas that the SEC is reportedly targeting include the valuation of offerings and short selling.

The software best suited to deal with these problems is those that can manage internal audits and collate information from different compliance programs.

"This area is going to be enormous, when you get to large global companies it takes a lot of time to test all these controls," says Marc Othersen, senior analyst at Forrester.

Symantec already offers software which collects data and generates compliance reports based on regulations such as Sarbanes Oxley and the Payment Card Industry standard. The company recently enhanced the technology to detect real-time security threats.

Computer Associates ( CA) launched its own compliance management software last year, which it claims can work with around 280 standards and regulations.

More from Technology

Flashback Friday: Amazon, Chip Stocks, Memorial Day

Flashback Friday: Amazon, Chip Stocks, Memorial Day

Some Companies Are Already Feeling the Effect of GDPR

Some Companies Are Already Feeling the Effect of GDPR

Experts Break Down GDPR Risks for Investors

Experts Break Down GDPR Risks for Investors

Netflix Ready to Surpass Disney as America's Most Valuable Media Company

Netflix Ready to Surpass Disney as America's Most Valuable Media Company

60 Seconds: What the Heck is GDPR?

60 Seconds: What the Heck is GDPR?