UK banks will launch the most extensive cyber threat exercise in two years as the authorities test the preparedness of the financial system to survive a sustained online attack.
The exercise, dubbed Operation Waking Shark 2, is scheduled for mid-November with the UK’s high street bank expected to take part in a one-day ‘war game’ simulating the impact of a major cyber attack on the payments and markets systems.
An outside consultant has designed and will lead the test, to be monitored by the Bank of England (BoE), UK Treasury and watchdog the Financial Conduct Authority (FCA). It will assess the ability of the UK’s core financial services providers to withstand attacks by cyber criminals as well as state-sponsored terrorist attacks.
The exercise comes two years after the now defunct Financial Services Authority (FSA) launched the first Operation Waking Shark initiative to test the strength of online defences.
“It is vitally important that cyber security tops the priority list for IT departments within the UK’s financial service organisations – so the news that capabilities in the UK will be tested is welcome,” said Dorian Wiskow, client managing director, financial services, Fujitsu UK and Ireland.
“Not only are banks operating with legacy systems that in some cases have been in existence for many years, it is also a sector where innovation across new banking channels, such as online and mobile, is creating complex multi-channel IT infrastructures.
“Chief information officers [CIOs] in the banking industry are facing an unenviable challenge – securing these multi-channel environments while ensuring customer experience does not suffer – and this is an incredibly difficult challenge to overcome. What is paramount here is that the industry does not overlook or get complacent about security or place it in the ‘too big to fix’ category.
“Research we carried out revealed that security does not feature in the top three CIO priorities. With the sophistication of cyber-attacks and the number of threats increasing exponentially – can the industry afford for it not to be the number one priority?”
Darren Anstee, solutions architect team manager at Arbor Networks, commented: “Running regular exercises to evaluate incident response is hugely important. Any organisation can be a target for a cyber-attack, but banks are a particular target due to the very nature of their business and the key part they play in the economy.
Banks are targeted frequently, and with increasingly sophisticated multi-tool, multi-vector attacks; whether the attacks are motivated ideologically or for financial gain the onus is on the financial industry to protect the availability and integrity of their systems – and they should be testing their processes frequently, on a per organisation basis, to ensure this.
“It’s an ever-changing battlefield and our defences must evolve continuously. Co-operation and information sharing are key as they allow us to best prepare based on other’s experience. Exercises such as this should facilitate improved inter-organisation communication and information flow, and that can only be a good thing.”
Earlier this month it was reported that the BoE’s financial policy committee (FPC) had given UK banks a one-year deadline to devise a robust cyber attack protection plan.
Rising interest rates, excitement around blockchain use cases and cross-border payments were all hot topics at this year's AFP conference in San Deigo.
On-Demand Treasury Management Solutions continue to gain increased adoption in the US and EMEA regions.
The US dollar and debt yields falling on the North Korea missile test, treasury being a top target for cyber criminals and why treasurers aren't into real-time payments all hit the latest headlines in the world of treasury this week. Don't miss our ten top news stories from around the world.
Treasurers are being expected to do more work with fewer resources than ever before, so it is little wonder that the automation of day-to-day operations was highly discussed on the second day of EuroFinance, the annual treasury event held in Barcelona this week.