More NewsBank of England Calls for Quicker Response to Cyber-attacks

Bank of England Calls for Quicker Response to Cyber-attacks

The UK’s financial services sector needs to sharpen up its response to a concerted cyber attack the Bank of England (BoE) warned, as it published the result of ‘Waking Shark 2’,
last November’s simulated attack
on the markets.

Waking Shark II aimed to test the market’s readiness in responding to concerted cyber-attack against the UK financial sector by a hostile nation state intending to significantly disrupt the wholesale market and supporting infrastructure. A total of 220 individuals from banks, regulators and other organisations participated.

The BoE concluded from the exercise that there was a need for a better form of communication across the industry, possibly through the British Bankers’ Association (BBA), while firms hit by cyber incidents need to inform ‘law enforcement’ about the attack, as the activities were likely to be criminal.

The Bank also highlighted the role of the new cyber security information sharing partnership (CISP), launched last March and a so-called ‘fusion cell’, which co-ordinates with government security services.

“The CISP platform was heavily used during the exercise, truncating three days of activity into a few hours. This highlights the value of the facility in identifying and responding to a cyber-event and also the amount of work required from the fusion cell in managing the information,” the BoE commented.

Commenting on the report, David Porter, head of fraud analytics at software group SAS UK & Ireland, said: “Fear of a cyber attack storm has forced the financial sector to take a cold, hard look at whether they are fully prepared. But whilst progress has been made, and financial institutions [FIs] appear to be on ‘red alert’, the plan of action to ward against threats cannot be created in isolation.

“What is needed is a multi-layered coordinated approach between markets, as an attack on one institution could create a chain reaction and lead to exposure of commercially sensitive details for another.

“Critical to defence in depth is the ability to analyse huge amounts of data and run sophisticated models that can pull together all the pieces of evidence to automatically identify where threats may exist, and then rapidly deploy the cure. It is not always obvious that your systems are under attack until it’s too late to do anything about it.

“With the cyber attacks becoming ever more sophisticated, the race is on to ensure the defences do not become rigid, but can quickly adapt and evolve; nobody should want to build a cyber Maginot Line.”

Related Articles

Infosys Finacle to power Santander UK’s international cash management system

More News Infosys Finacle to power Santander UK’s international cash management system

3w The Global Treasurer
Preparing for GDPR? Here’s four things to consider

More News Preparing for GDPR? Here’s four things to consider

4m Elliott Wiseman
Cash flow in focus for investors

Cash Management Cash flow in focus for investors

5m Conor Deegan
Treasury TV: Karen Pugsley, Domino's Pizza Group

More News Treasury TV: Karen Pugsley, Domino's Pizza Group

5m Victoria Beckett
Treasury TV: Yeng Butler compares US and European MMF reforms

Compliance Treasury TV: Yeng Butler compares US and European MMF reforms

5m Victoria Beckett
Treasury TV: Tim de Knegt, The Port of Rotterdam

10 Minutes With The Treasury Treasury TV: Tim de Knegt, The Port of Rotterdam

5m Victoria Beckett
Banks are selling clients short with short dated cash deposit U-turns

Banking Banks are selling clients short with short dated cash deposit U-turns

5m Victoria Beckett
What does sterling’s Brexit boost mean for UK manufacturers?

More News What does sterling’s Brexit boost mean for UK manufacturers?

6m Tasja Botha