Speaking at a Jericho Forum digital identity conference in London earlier this week, Whyte said that, with financial services accounting for 10% of UK GDP - a percentile that is higher than the US, Japan, France and Germany - financial IT professionals have own role to play on the security front.
Fund managers in the UK, he said, now have responsibility for managing assets of £3.7 trillion and about 85% of this is handled in London.
Coupled with this, he added, the London Stock Exchange has a higher number of foreign listed companies than any other exchange and is one of the leading centres for foreign equity trading.
Against this backdrop, the F&C Investments head of IT explained that his company has the usual IT security concerns, which include insider dealing, breach of client data and reputation issues, and thousands of firewall hits every day, some of which comes from China.
The security issues facing his company, he said, include the rise of remote access on anytime/anyplace basis, along with the remote deployment of critical applications and the introduction of new technology to support improved performance and distribution.
Along with other issues such as social and personal networking, Whyte says that there needs to be a simplification of the IT estate, as well as a good disaster recovery model in place.
Al of this, he said in his presentation, comes as IT security needs to meet new threats, including highly sophisticated new threats and mobile attacks, as well as the de-perimeterisation of the cloud.
Is the technology used in the office space up to the task?
According to Whyte, security breaches such as Play.com, RSA and Sony all tend to reduce confidence in IT security technology, whilst technology has started to become too complicated for `normal' users ½ and is moving too fast for anyone keep up.
The situation is compounded, he went on to say, because the technology is not `joined up' enough.
So what are the solutions?
Whyte argues that keeping wholly inside the corporate network perimeter is no longer an option, meaning that the role of the CIO needs to change from protector to enabler.
His long-term vision, he said, is that he would like get into a position where he is ambivalent about what data is being accessed, where it is from and when it is looked at/amended. And, he added, from which terminal and which data is being accessed.
Concluding his presentation, he said that the drivers for change and de-perimeterisation in our industry are huge and, whilst there has been no silver security bullet for the financial services IT professional, he is sure that one will arrive in the longer term.
Nevertheless, he says, we still need the security industry to give IT professionals better tools to prevent security incident, as well as giving professionals the tools to minimise the impact of an incident.