The EU is considering testing banks’ cyber security in response to increasing fear of attacks on the sector. It is expected that this could come by way of an EU-wide stress test and investment in new tools such as blockchain, the technology behind the virtual currency bitcoin.
Cyber attacks against banks have become more common and more complex in recent years, headlined by the £2.5 million taken from Tesco’s banking arm in November last year and, days later, the two billion roubles (£27 million) taken from five Russian banks.
With the European Banking Authority (EBA) labelling banks’ current digital infrastructure as “rigid and outdated”, regulators are contemplating more rigorous efforts to ensure that they are secure.
Banks are not prepared
The EBA’s report claimed that banks “are struggling to demonstrate their ability to cope with the rising threat of intruders gaining unauthorised access to their critical systems and data”.
“What’s interesting here,” Kaspersky Lab researcher Kurt Baumgartner told Ars Technica earlier this month, “is that these attacks are ongoing globally against banks themselves. The banks have not been adequately prepared in many cases to deal with this”. Baumgartner was discussing the malware infection that hit at least 140 enterprises in 40 countries, including banks, government organisations and telecoms companies.
Banks are now starting to consider the methods virtual currencies use for security assurance: the EBA is currently considering blockchain as an option for banks. More than 1 billion euros have been invested in blockchain start-ups, according to the World Economic Forum, and Reuters has reported that the technology is being “closely monitored” by Brussels “to establish the advantages and possible risks”.
Rob Norris, VP Head of Enterprise & Cyber Security EMEILA at Fujitsu, said: “With digital continuing to pave the way in financial services, the industry can no longer afford for it not to be the number one priority”.
For businesses in the banking sector – or, indeed, any sector – to stay secure, it is important to have an effective information security management system (ISMS) in place. ISO 27001 is the international standard that describes best practice for an ISMS. It covers people, processes and technologies, recognising that information security is not about technology alone.
To help your business implement an ISO 27001-compliant ISMS, IT Governance has a range of packaged solutions to choose from. Each fixed-price solution provides a combination of products and services that can be accessed online and deployed anywhere in the world.