Cyber Risk at All-Time High for UK Financial Sector
The proportion of financial services firms citing cyber-attacks as a major source of risk has hit an all-time high, according to the latest biannual survey from the Bank of England (BoE).
The Bank’s Systemic Risk Survey for the first half of 2018 had cyber-incidents ranked joint second alongside geopolitical risk, with 62% citing them as major risks to the UK’s financial system.
The figure has increased for the third consecutive survey and is now at its highest level since records began in 2008, according to the BoE.
There was also an increase of five percentage points in the proportion of respondents that cited cyber-attacks as the risk most challenging to manage, to over half (51%).
Nick Hammond, lead advisor for financial services at tech provider World Wide Technology, argued that newer regulations are moving away from the old tick-box compliance format towards requiring continued assurance of critical applications.
“But due to the complex nature of existing systems which have been built with different and sometimes conflicting metrics over the years, legacy infrastructures are typically built from a complex patchwork of applications, which communicate with each other in complicated ways,” he added.
“This network of opaque inter-dependencies creates a significant challenge which means banks are increasingly drawing on infrastructural expertise as the first step towards securing their internal software.”
Hammond argued that gaining visibility into networks and the way applications share data is a vital first step to reducing risk as it can ensure the right policies are applied to each segmented app.
The BoE is said to be developing guidelines to help firms demonstrate cyber-resilience, and despite the relatively large amounts of funding available to IT security teams, there seems plenty of work to do.
Global financial services breaches have tripled over the past five years, according to Accenture, while a VMware survey of UK-based security pros in the sector revealed 67% who claimed their practices “would shock outsiders.”
Source: Information Security Magazine