Bookmark and Share
Dr. Yogesh MalhotraRESEARCHWall Street Quant: Big-3 Finance-IT LeaderResearch Impact among Nobel LaureatesPrinceton Quant Trading PresentationsVentures:
[Digital Transformation Pioneer] [AI, Algorithms & Machine Learning] [Computational Quant Finance] [FinTech: 'Rethinking Finance'] [CyberSecurity Risk Engineering]

2015 & 2016 Princeton Quant Trading Conference: Sponsors: Goldman Sachs, Citadel, SIG, KCG Holdings.,
2008: AACSB: Model Risk Management Research Impact among Nobel Laureates such as Black-Scholes.

*Research Impact *Beyond 'Prediction' *Future of Finance *Beyond VaR *Model Risk Management *Future of Risk *Cyber Risk *SSRN *Google Scholar *Publications
*Projects *Goldman Sachs *JP Morgan *Wall Street Hedge Funds *Princeton Presentations *Model Risk Arbitrage *Cyber Finance *Cyber Risk Insurance *Quantum Crypto
*Bayesian vs. VaR *Markov Chain Monte Carlo *Wireless Mobile Trust Models *VoIP Pen Testing Frameworks *Bitcoin Cryptanalytics *NFS Cryptanalytics Algorithms

Dr. Yogesh Malhotra:
Prognosticating Exponentially Increasing Cyber Risk for Global Finance...
Helping you 'define the risk' as well as 'measure progress to achieve defined ends'...

Dr. Malhotra underscores growing Cyber-Finance Risk for Global Banking, Finance & Insurance (BFSI):
Excerpt from his presentation 15 miles from Air Force Research Laboratory (AFRL)


"
First, based on available evidence, it is not improbable that the current officially "recommended" most widely used global standard of encryption [1024-bit RSA] may have already been compromised. Second, it would not really be a 'surprise' given that the infamous '40 quadrillion years' challenge for an earlier version of the standard was unraveled in mere 17 years. Third, given recent multi-billion dollar global Finance deals blown by compromise of such technologies, it is increasingly critical to recognize the exponentially increasing cybersecurity risk among other Financial Risks." -- Dr. Yogesh Malhotra in Number Field Sieve Cryptanalysis Algorithms for Most Efficient Prime Factorization on Composites presentation, May 1, 2013. Related Paper published online on May 3, 2013:
Malhotra, Y. Cryptology beyond Shannon’s Information Theory: Preparing for When the ‘Enemy Knows the System’ with Technical Focus on Number Field Sieve Cryptanalysis Algorithms for Most Efficient Prime Factorization on Composites, Griffiss Cyberspace, Global Risk Management Network, LLC, May 3, 2013.
 


"Google just announced that its HTTPS web pages will be ditching 1024-bit RSA keys in favour of 2048 bits."
- Anatomy of a change - Google announces it will double its SSL key sizes, nakedsecurity, May 27, 2013.

Google

 

CISOs must first define the risk, cybersecurity analyst tells Congress

"To combat continued and growing threats, cybersecurity officials should utilize a two-step process, said a network security firm executive speaking before Congress."

"Step one is to define the risk, and step two is to measure progress by combining ways and means to achieve defined ends," Richard Bejtlich, chief security strategist at FireEye, told the House Energy and Commerce subcommittee on oversight and investigations March 3. "This is exactly the role of strategic thinking, meaning the application of strategies, campaigns, tactics and tools to achieve organizational goals."
-- FierceGovernmentIT, March 5, 2015

FireEye

White House

FierceGovernmentIT

To guide the global practices of Cyber Risk and Cyber Risk Assessment, Dr. Yogesh Malhotra's post-doctoral research guided by the advisory committee of Distinguished Computer Scientists, Mathematicians, &, Physicists affiliated with AFRL and NYS-CRI defines the risk as well as the means for measuring progress by combining ways and means to achieve defined ends.

Access here:
Model Risk Management of Cyber Insurance Models Using Quantitative Finance and Advanced Analytics: Risk, Uncertainty, and Profit for the Cyber Era
by
Dr. Yogesh Malhotra.

CISOs must first define the risk, cybersecurity analyst tells Congress

"To combat continued and growing threats, cybersecurity officials should utilize a two-step process, said a network security firm executive speaking before Congress."

"Step one is to define the risk, and step two is to measure progress by combining ways and means to achieve defined ends," Richard Bejtlich, chief security strategist at FireEye, told the House Energy and Commerce subcommittee on oversight and investigations March 3. "This is exactly the role of strategic thinking, meaning the application of strategies, campaigns, tactics and tools to achieve organizational goals."
-- FierceGovernmentIT, March 5, 2015

FireEye

White House

FierceGovernmentIT

"[The] scale and breadth of the attacks — and the lack of clarity about the hackers’ identity or motive — show not only the vulnerability of the most heavily fortified American financial institutions but also the difficulty, despite billions of dollars spent in detection technology, in finding the sources of attack... The data breach at JPMorgan Chase was amongthe most troubling breaches ever,” [Illinois Attorney General] said, adding that it proved “there is probably no database that cybercriminals cannot compromise.”"
-- [President] Obama Had Security Fears on JPMorgan Data Breach, New York Times , Wednesday, 8 Oct, 2014 | 2:08 PM.

"In our existing environment and at our company, cybersecurity attacks are becoming increasingly complex and more dangerous," Dimon said. "The threats are coming in not just from computer hackers ... but also from highly coordinated external attacks both directly and via third-party systems."
-- Jamie Dimon, Chairman & CEO, JP Morgan Chase & Co., JPMorgan cyberattack hits 76M households, CNBC, Friday, 3 Oct 2014 | 1:51 AM ET.

"When it comes to security, the best defense is offense; you need to test the effectiveness of your own security practices before a real intruder does it for you...The best defense against network vulnerabilities is a great proactive offense. You must test your networks and systems before someone else does."

How to Do It:
- Risk Management Framework for Stress Testing Banking Network Protocols
- Markov Chain Monte Carlo Models for High-Dimension Complex Stochastics
- Tools and Techniques for Penetration Testing and Ethical Hacking

"This is going to be a big deal and there will be a lot of battles... We need a lot of help."
-- Jamie Dimon, Chairman & CEO, JP Morgan Chase & Co., Dimon Calls for Help on Cyberattacks, New York Times , Friday, 10 Oct 2014 | 3:22 PM.

White House

 

JP Morgan

CNBC    New York Times

 

 

 

 

 

 

 

 

 

Benjamin Lawsky, superintendent of the New York Department of Financial Services, said that cyberterrorism is the most significant issue that DFS will work on in the next year, saying the possibility of an “armageddon-like” cyberattack is one of his primary concerns as a financial regulator. “I worry that we’re going to have some sort of major cyber-event in the financial system that’s going to cause us all to shudder,” Lawsky said... "We like to say that to some extent the failures to detect the 9/11 plot were a failure of imagination and communication," he said. "I'm worried about the same thing here—that an event will happen and we'll look back and say, 'How did we not do more?'

-- NY regulator warns against looming cyber 9/11, CNBC, Sep 22 , 2014 12:47 p.m. ET.

New York

CNBC    Bloomberg

"Treasury Secretary Jacob Lew is calling for financial firms to do more to combat cybersecurity threats..."Far too many hedge funds, asset managers, insurance providers, exchanges, financial market utilities, and banks should and could be doing more,"... attacks on the US financial sector can come from a myriad of sources, including state sponsored groups, cyber criminals, politically motivated hackers and others. No matter the source... a successful attack on the US financial system "would compromise market confidence, jeopardize the integrity of data, and pose a threat to financial stability."
-- Treasury Secretary Calls for Better Cybersecurity at Financial Firms - Jacob Lew Says Successful Attacks 'Would Compromise Market Confidence', The Wall Street Journal, July 15, 2014 6:54 p.m. ET.

New York

Wall Street Journal

 


"On Sept. 18, the Federal Reserve shocked the financial world with its decision not to scale back its level of support to the economy as most market participants expected... By one estimate, as much as $600 million in assets changed hands in the milliseconds before most other traders in Chicago could learn of the Fed's September surprise... The precise timing of the release is crucial because information can only travel as fast as the speed of light... like a Fed decision—released in Washington takes as much as 7 milliseconds to travel to Chicago, where futures and other assets are traded. And because high-speed trading firms are now able to execute trades at the millisecond level, there is a brief window of time in which information can be publicly available in Washington but is still traveling to Chicago, where computers won't receive it until milliseconds later." - Some traders got 'no taper' decision news earlier, CNBC, 24 Sep 2013.

Black Swans and Federal Reserve/OCC Model Risk Guidance SR11-7...

US Federal Reserve System


"On Monday afternoon, seven New York State senators gathered at the Griffiss Institute for a cyber security hearing. The hearing, entitled Defending New York from cyber attacks covered various topics within the cyber security spectrum. There are six subcommittees under the cyber security topic: Banking, Veterans, Homeleand Security & Military Affair, Insurance, Commerce, Economic Development & Small Business, Crime VIctims, Crime & Correction, Select Committee on Science, Technology, Incubation & Entrepreneurship."

- Cyber security conference held On Griffiss, Rome Observer, Monday, November 18, 2013.

Griffiss Cyberspace Venture Spans Wall Street & Hi-Tech Quant Research...

Rome Observer


"Hackers and other cybercriminals pose as grave a threat to the financial system as the recent financial crisis if banks and government officials don't mount an effective response, a top U.S. official warned Wednesday. The growing sophistication of cyberattacks spawned by criminal organizations, hackers and other foreign governments could pose a systemic risk to the financial system, Comptroller of the Currency Thomas Curry said in a speech in Washington. "The financial-services industry is one of the more attractive targets for cyberattacks, and, unfortunately, the threat is growing," Mr. Curry said. "

- U.S. Official Warns on Threat to Banks From Cyberattacks: Comptroller of Currency Says Systemic Threats are Growing, Wall Street Journal, September 18, 2013.

Cybersecurity Risk as Key Contributor to Banks' Financial Risk...

Office of the Comptroller of the Currency


"Operational risks stemming from breakdowns attributed to people, process and technology have become increasingly apparent in banking over the years. "

- U.S. Banks’ Model Risk Worse than Ever, Thanks to Basel III, American Banker, July 11, 2013.

Advancing Beyond VaR Model Risks Exposed by the Financial Crisis...

American Banker

"The Office of the Comptroller of the Currency's (OCC) third semiannual Risk perspective report, released Tuesday, cites cyber threats as the fastest-growing risk to banks, amid other concerns that banks are stretching themselves too thin in an attempt to recoup lost profits."
-- American Banker, "OCC Sees Cybersecurity as Fastest-Growing Risk to Banks", June 18, 2013.
See: Office of the Comptroller of the Currency: Semiannual Risk Perspective: From the National Risk Committee, June 18, 2013.

American Banker
"You have to think of cyber-risk as part of the other overall risks at your bank. Regulators are counseling bank executives to change the way they think about cyber attacks, and consider them as they do more traditional risks, such as lending and interest-rate risk, when making strategic decisions. As with regulators' recent push to step up enforcement of antimoney-laundering rules, banks are being told that they'll be judged on their preparation against cyber attacks when examiners gauge a bank's operational risk."
-- Office of the Comptroller of the Currency, The Wall Street Journal, June 14, 2013.


WSJ

Risk management and quantitative modeling expert Yogesh Malhotra's recent experience is in leading quantitative finance and quantitative risk modeling projects for top Wall Street investment banks such as JP Morgan Private Bank and a Goldman Sachs alumnus' asset management firm. Prior to that he founded award-winning influential financial and risk analytics ventures with CxO clients such as Goldman Sachs. His current applied research in computational mathematical statistical and econometric modeling of uncertainty and risk related to AI, machine learning and algorithms is geared toward cutting-edge breakthroughs at the intersection of probabilistic statistics and computer science.

His May 1, 2013 presentation on cryptanalysis algorithms for most efficient prime factorization of hard composites recommended treatment of cyber risk among other critical Financial Risks. His call to action in course of presentation titled Number Field Sieve Cryptanalysis Algorithms for Most Efficient Prime Factorization on Composites preceded subsequent "Call to Arms for Banks" by the Office of the Comptroller of the Currency that banks will be judged for treating cyber risks as they do other financial risks such as credit risk and market risk.

The Final Report of the AACSB International Impact of Research Task Force singled out Dr. Yogesh Malhotra's research in Information Systems as an "exemplar" of "considerable impact on practice" on Model Risk Management Practices. Besides mainstream financial and risk modeling predictive analytics and forecasting, his work has also focused on projecting future trends not predictable from historical data given high levels of environmental uncertainty, complexity and radical change characterized as 'black swans' and 'extreme events'. These are now primary concerns shared by many in cyber- and information-intensive areas such as Big Data Quantitative Analytics, hi-tech Quant Finance, Risk Modeling, Risk Management, IT Governance, and Cyber Defense.

About 15 miles from the Air Force Research Lab (AFRL), in a conference room with AFRL and other participants, Dr. Yogesh Malhotra shared three observations in his May 1, 2013 presentation on Number Field Sieve Cryptanalysis Algorithms for Most Efficient Prime Factorization of Hard Composites used for latest most successful attacks on most widely used encryption technologies. First, based on available evidence, it is not improbable that the current officially "recommended" most widely used global standard of encryption may have already been compromised. Second, it would not really be a surprise given that the infamous '40 quadrillion years' challenge for an earlier version of the standard was unraveled in mere 17 years. Third, given recent multi-billion dollar global Finance deals blown by compromise of such technologies, it is increasingly critical to recognize this exponentially increasing risk among other Financial Risks. His call to action for banks and financial institutions to treat cyber risk among other critical Financial Risks preceded the Wall Street Journal's 'A Call to Arms for Banks' of June 14, 2013 underscoring the same point made by the Office of the Comptroller of the Currency.

He developed a sketch of the future robust encryption standards by advancing beyond Shannon's original work on Information Theory while offering Non-Deterministic reformulations of both Kerckhoffs's principle and Shannon's maxim that underlie all modern encryption standards and technologies related practices. In the computational mathematical Theory of Computer Sciences, Automata, Computability, and Formal Programming Languages, such Non-Deterministic systems are yet considered theoretical 'thought experiments' but practically infeasible concepts and are often simplified into Deterministic computing systems for real world implementations. Analogous to his work addressing model risk management and financial risk management concerns in Finance, he outlined how future robust encryption standards for cyber risk management are feasible by bridging the disconnect between natural science theories created for controlling computing machines and the social science world of increasingly 'smart' global human networks.

 

2015-2017: 41 SSRN Top-10 Research Rankings: Top-10% SSRN Authors:
AI & Decision Modeling; Algorithms & Machine Learning:
SSRN Top-10 Research Ranking Categories:
• Capital Markets,
• Cognition in Mathematics, Science, & Technology,
• Computational Biology,
• Computational Techniques,
• Computing Technologies,
• Corporate Governance: Disclosure, Internal Control, & Risk-Management,
• Cyberlaw,
• Decision-Making under Risk & Uncertainty,
• Econometric & Statistical Methods,
• Econometric Modeling,
• Econometrics,
• Hedging & Derivatives,
• Information Systems & Economics,
• Interorganizational Networks & Organizational Behavior,
• Mathematical Methods & Programming,
• Microeconomics,
• Operations Research,
• Risk Management,
• Risk Management Controls,
• Risk Modeling,
• Social Network Analysis,
• Stochastic Models,
• Systemic Risk,
• Telecommunications & Network Models,
• Uncertainty & Risk Modeling,
• VaR Value-at-Risk.
Other Categories:
• Banking & Insurance
• Cultural Anthropology,
• Economics of Networks,
• Innovation Law & Policy,
• Mutual Funds, Hedge Funds, & Investment Industry,
• Sociology of Innovation

Recent Research Presentations and Research Reports
*Princeton University Presentations on the Future of Finance: 'Rethinking Finance' for Era of Global Networked Digital Finance.
*2016 Princeton Quant Trading Conference Invited Research Presentation: Beyond Stochastic Models to Non-Deterministic Methods.
*2015 Princeton Quant Trading Conference Invited Research Presentation: Beyond Risk Modeling to Knightian Uncertainty Management.
*Beyond 'Bayesian vs. VaR' Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed).
*Markov Chain Monte Carlo Models, Gibbs Sampling, & Metropolis Algorithm for High-Dimensionality Complex Stochastic Problems.
*Risk, Uncertainty, and Profit for the Cyber Era: 'Knight Reconsidered': Model Risk Management of Cyber Risk Insurance Models.
*Cybersecurity & Cyber-Finance Risk Management: Strategies, Tactics, Operations, &, Intelligence: ERM to Model Risk Management.
*Number Field Sieve Cryptanalysis Algorithms for Most Efficient Prime Factorization on Composites: Beyond Shannon's Maxim.
* Bitcoin Protocol & Bitcoin Block Chain: Model of 'Cryptographic Proof' Based Global Crypto-Currency & Electronic Payments System.
*2015-2016 40 SSRN Top-10 Research Rankings for Computational Quantitative & Risk Analytics Algorithms Machine Learning Research.
* 2008 AACSB International Impact of Research Report: Named among Black-Scholes, Markowitz, Sharpe, Modigliani & Miller

Top Wall Street Investment Banks Quantitative Finance Projects & FinTech Ventures
Princeton: Future of Finance: 'Rethinking Finance' for Era of Global Networked Digital Finance
2016 Princeton Quant Trading Conference: Invited Research Presentation: Model Risk Arbitrage
2015 Princeton Quant Trading Conference: Invited Research Presentations: Future of Finance
Quantitative Finance Risk Analytics Modeling Wall Street Investment Banks & VC Projects
Model Risk Management: Risk Management Analytics from 'Prediction' to 'Anticipation of Risk'
Quantitative Finance Risk Analytics, Econometric Analytics, Numerical Programming Models
Quantitative Finance Model Risk Management for Systemic-Tail Risks in Cyber Risk Insurance
JP Morgan Portfolio Optimization, VaR & Stress Testing: 17-Asset Class Portfolio
JP Morgan Portfolio Liquidity Risk Modeling Framework for $500-600Bn Portfolio
Bayesian VaR Beyond Value-At-Risk (VaR) Model Risks Exposed by Global Financial Crisis
Goldman Sachs Alumnus Asset Manager Large-Scale Data High Freq Econometric Models
Quantitative Finance, Risk Modeling, Econometric Modeling, Numerical Programming
Technologies of Computational Quantitative Finance & Risk Analytics and Risk Management
Algorithms & Computational Finance: C++, SAS, Java, Machine Learning, Signal Processing
Cybersecurity, Financial Protocols & Networks Protocols Analysis, and, Penetration Testing
Quantitative Finance, Quantitative Risk Analytics & Risk Management Projects Impact
Digital Social Enterprise Ventures Creating Trillion $ Practices for Hundreds of Millions

Named among FinTech Finance & IT Nobel laureates for Real World Impact of Research
FinTech Innovations: Model Risk Arbitrage, Open Systems Finance, Cyber Finance, Cyber Insurance
AACSB International Reports Impact of Research among Black-Scholes, Markowitz, Sharpe
Research Impact Recognized among Finance & Information Technology Nobel laureates
40 SSRN Top-10 Rankings: Computational Quant Analytics: Algorithms, Methods & Models
FinTech Innovations: Model Risk Arbitrage, Cyber Finance, Cyber Risk Insurance Modeling
Computational Quantitative Finance Modeling & Risk Management Research Publications
Model Risk Management of Cyber Risk Insurance Models & Quantitative Finance Analytics
Thesis on Ongoing Convergence of Financial Risk Management & Cyber Risk Management
U.S. Federal Reserve & Office of the Comptroller of the Currency Model Risk Guidance
Bayesian VaR Beyond Value-At-Risk (VaR) Model Risks Exposed by Global Financial Crisis
Markov Chain Monte Carlo Models & Algorithms to Enable Bayesian Inference Modeling
OCC Notes Cybersecurity Risk & Cyber Attacks as Key Contributor to Banks' Financial Risk
Future of Bitcoin & Statistical Probabilistic Quantitative Methods: Global Financial Regulation
Models Validation Expert Panels: IT, Operations Research, Economics, Computer Science

Global, National, & Enterprise CxO Level FinTech-Cyber-Risk Analytics Ventures
CxO Think Tank that pioneered 'Digital' Management of Risk, Uncertainty, & Complexity
CxO Consulting: Global, National & Corporate Risk Management Practices Leadership
CxO Guidance: Cyber Defense & Finance-IT-Risk Management: Uncertainty & Risk
CxO Keynotes: Conference Board, Silicon Valley, UN, World Economy: Uncertainty & Risk
The Future of Finance Project Leading Quantitative Finance Practices at Elite Conferences
The Griffiss Cyberspace Cybersecurity Venture Spans Wall Street and Hi-Tech Research
UN Quantitative Economics Expert Paper & Keynote on Global Economists Expert Panel
National Science Foundation Cybersecurity & Cybercomputing National Expert Panels
Digital Social Enterprise Innovation Ventures Pioneering the Future of Risk and Quant
Global Footprint of Worldwide World-Leading CxO Risk Management Ventures & Practices