The Bank of England (BoE) has stepped up measures to combat cyber crime by introducing new measures to help banks detect and counter hacking.
Andrew Gracie, executive director for resolution, said that the BoE had last month launched a new framework entitled CBEST, which was developed in collaboration with the Council of Registered Ethical Security Testers (Crest). It was now going public with the new framework, which will be voluntary.
CBEST will combine intelligence from government and security companies to assess risks to the financial system. It will then apply bespoke tests to see whether banks’ security systems are vulnerable. Gracie said that unlike current cyber threat systems, the new framework would replicate threats that are already being used by criminals.
“Unlike physical attacks, which are likely to be localised, the impact of a successful cyber attack on the financial system as a whole is potentially more serious from a financial stability point of view,” he told the audience at a meeting on cyber crime organised by the British Bankers’ Association (BBA).
“Low-level attacks are now not isolated events but continuous. Unlike physical attacks that are localised, these attacks are international and know no boundaries.”
In a report ahead of the meeting, the BBA warned of the rising threat of cyber attacks and “an element of lack of awareness and cultural resistance” to co-operation across the sector. At the same time, the BoE’s own systemic risk survey shows that concerns about threats to banks’ operations are at a record high, with cyber attacks the biggest worry.
Commenting on the announcement, Liz Fitzsimons, legal director at law firm Eversheds, said: “Governments, businesses and many others recognise the potential power of the on-line global economy to improve communication and understanding as well as create opportunity, employment and wealth.
“Cyber crime puts this at risk not just in developed economies – which have to date borne the financial brunt of cyber crime – but also in developing nations where the impact may be greater in real terms.
“Individuals, businesses and authorities must unite to raise awareness of the risks and help in eliminating them to prevent the greed of a few from spoiling the benefits of the on-line world for the majority.”
Ian Glover, president of Crest, said: “Although existing penetration testing services in the financial services sector have provided a good level of assurance against traditional attacks, they do not address more sophisticated cyber attacks on critical assets.
“CBEST tests have been designed to replicate the behaviours of serious threat actors, assessed by government and commercial intelligence providers as posing a genuine threat to important financial institutions.”
Sibos 2017 Day Two highlights: Brexit and banking, and why ‘data is the new oil’ in financial services
How nation first politics can impact global financial organisations It’s clear that data and regulation are the two key topics that are ... read more
On the second day of this year's AFP conference Trump's potential tax reform, using synthetic debt and the expected benefits of SWIFT GPI were all hotly discussed topics.
Today CGI and GTNews have announced the launch of the fifth annual Transaction Banking survey report, which offers which offers critical insight into the corporate-to-bank relationship.
On-Demand Treasury Management Solutions continue to gain increased adoption in the US and EMEA regions.