An Open Letter to Derivatives Exchange Operators

by

Dear Technology Colleagues at Derivatives Exchanges,

I’m sure you do not need me to inform you that the investment community is becoming more aware of the importance of dependable software operating our exchanges. Yet many of your competitors have fallen victim to the reputational damage caused by software glitches. Many of us, as technology professionals and as individual investors, are shocked to see the escalating pace of major software outages reported by the exchanges and major market makers.

Perhaps this is because most enterprises fail to wake up to their software risk until shamed into it by a major public outage. By this point, whilst it may be possible to fix the underlying cause of a glitch, the long-lasting damage to brand reputation is much harder to shift.

The unfortunate incident at Chicago Board Options Exchange (CBOE) caused us to take a look at the derivatives exchanges in Europe and North America. Studying this segment, we noticed that of the top eight derivatives exchanges -- CME Group (NASDAQ:CME), CBOE (NASDAQ:CBOE), Eurex (Xetra:DB1), NYSE Euronext (NYSE:NYX), Nasdaq OMX (NASDAQ:NDAQ), TMX Group (TSE:OSPTX), Intercontinental Exchange (NYSE:ICE), and London Metal Exchange (LME) -- six have managed to stay out of the headlines over the last 12 months.

First off, we would like to congratulate our Technology & Operations colleagues at the six exchanges among you that have managed to keep stability issues out of the news in the last 12 months. We know how difficult that is and applaud your ability to contain the software risks being imposed on you by the speed at which your business pushes new products to your institutional clients. But we also know this could change in a matter of seconds.

We at CAST are fixated on the software risk posed by poor code quality and have issued open letters calling on the regulators and companies similar to yours to address the fundamental flaws in their IT systems. We have also helped many trading institutions and key players in institutional banking to control the software risk lurking in their code.

If you would like to prevent an outage before it happens, you can reach out to us via Contact@CastSoftware.com or you can learn more about our Application Structural Quality Assessment. It is designed to help organizations like yours avoid making news for the wrong reasons with a clear action plan to prevent damaging application outages and security breaches. In the meantime, I hope you take the time to understand the importance of software risk as much as we do.

We stand ready to help,

Danielle Azzara, Director, CAST

Get the Pulse Newsletter  Sign up for the latest Software Intelligence news Subscribe Now <>
Open source is part of almost every software capability we use today. At the  very least libraries, frameworks or databases that get used in mission critical  IT systems. In some cases entire systems being build on top of open source  foundations. Since we have been benchmarking IT software for years, we thought  we would set our sights on some of the most commonly used open source software  (OSS) projects. Software Intelligence Report <> Papers
In our 29-criteria evaluation of the static application security testing (SAST)  market, we identified the 10 most significant vendors — CAST, CA Veracode,  Checkmarx, IBM, Micro Focus, Parasoft, Rogue Wave Software, SiteLock,  SonarSource, and Synopsys — and researched, analyzed, and scored them. This  report shows how each measures up and helps security professionals make the  right choice. Forrester Wave: Static Application Security Testing, Q4 2017  Analyst Paper
This study by CAST reveals potential reasons for poor software quality that  puts businesses at risk, including clashes with management and little  understanding of system architecture. What Motivates Today’s Top Performing  Developers Survey
Load more reviews
Thank you for the review! Your review must be approved first
Rating
New code

You've already submitted a review for this item

|