If you wonder why, then probably you are starting as an Information Security professional. Good luck to you! Train your psychological resilience.
If you will read this post to find out why the reading of this book is recommendable, then surely you have wondered how Information Security can provide value to the business.
This book titled Global Financial Systems: Stability and Risk is used by his author, Jon Danielsson, in his lectures about Global Financial Systems in the London School of Economics.
In 19 Chapters and in several weeks' reading time, readers get an first comprehensive idea of what has happened in the last decade and what it is currently happening in this global financial crisis. Not only that, readers get also an understanding on key financial concepts.
This information will be of great help to understand the business functionality of the IT Systems that you will probably pen-test or secure or harden or white-hat hack. And not only in the financial sector, literally in any industry sector somehow related or affected by banks i.e. in all industries.
Chapter 1 deals with systemic risk. Worth being highlighted are the interlinks among different risks and the concept of fractional reserve banking.
I identified four concepts that could have a reflection also in the Information Security field: procyclicality, information asymmetry, interdependence and perverse incentives.
Chapter 2 talks about the Great Depression from 1929 to 1933 and four potential causes such as trade restrictions, wrong monetary policies, competitive devaluations and agricultural overproduction.
Chapter 3 talks about a very special type of risk: endogenous risk. The author mentions a graph on how perceived risk goes in time after actual risk. Very interesting concept to apply also in Information Security.
Chapter 4 deals with liquidity and different models bank follow (or should follow). Liquidity is essential but, reading this chapter, complex. The distinction between funding liquidity and market liquidity is also an eye-opener.
Chapter 5 describes central banking and banking supervision. The origin of central banking dates from 1668 in Sweden and from 1694 in England. The author mentions two key roles in central banking: monetary policy and financial stability.
Chapter 6 teaches us why short-term foreign currency borrowing is a bad idea.
Chapter 7 describes the importance of the fractional reserve system and a concept that it is almost opposite to what information security professionals face on a daily basis: moral hazard (literally, "it is what happens when those taking risks do not have to face the full consequences of failure but they enjoy all benefits of success").
Chapter 8 deals with the complexity of coming up with a smart deposit insurance policy that would avoid "moral hazard" possibilities in a fractional reserve banking system.
Chapter 9 describes the problems that trading actions like short selling can bring into the financial system. An impartial reader of this chapter would see the need to come up with an effective and worldwide trading regulation. Concepts such as a "clearing house" and a "central counterparty" are mentioned.
Chapters 10 and 15: Market participants need to know probabilities to default when engaging in credit activities. These chapters explain securitisation concepts such as Special Purpose Vehicles (SPV), Collateralised Debt Obligation (CDO), Asset Backed Securities (ABS) and Credit Default Swaps (CDS). Could you think of similar concepts being used in Information Security?
Chapter 11 presents the "impossible trinity" i.e. no country is able to pursue simultaneously these three goals: fixed exchange rate, free capital movements and an independent monetary policy. Remember that the biggest market is the foreign exchange market.
Chapter 12 focuses on mathematical models of currency crises. The reader can see how these models evolved and how the global games model was proposed.
Chapter 13 goes through the different sets of international financial regulation i.e. Basel I and Basel II. There is also an appendix referring to the Value-At-Risk model.
Chapter 14 could trigger some discussions. There is a patent political element in bailing banks out. Should governments contribute or not to move private sector bank losses into the public sector?
Chapter 16 shows the need to take into account concepts such as tail risk, endogenous risk and systemic risk. Very very interesting reading for us information security professionals.
Chapter 17, 18 and 19 deal with current developments. Chapter 17 studies the period from 2007 to 2009 of the latest financial crisis, chapter 18 describes efforts taken in developing financial regulations and chapter 19 talks about the current sovereign debt crisis and its relation with the common currency and the challenge of a transfer union i.e. a higher degree of unification.
In addition, the website of the book offers the slides of every chapter, a link to modelsandrisk.org and three additional chapters with updated information on the European crisis, financial regulations and current challenges in financial policy.
Happy risk management!