Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Business

Posted By Gbaf News

Posted on August 16, 2018

Cyber is the new front line in modern economic warfare

By Peter Matthews, CEO, Metro Communications

The threat to banking and finance across the world can’t be overestimated –cyber is the new frontline in modern economic warfare.

The challenge from underground activists, organised criminals, state-sponsored actors and have-a-go hackers is gargantuan. When your enemy has a global recruiting ground, fast-evolving weaponry and the ability to walk through walls, staying ahead of the game can seem impossible. But while no organisation, institution or territory is impenetrable, the financial sector can – and must –become much more resilient.

A recent consultation paper on cyber security in the financial sector, jointly authored by the Bank of England, Prudential Regulation Authority and Financial Conduct Authority, seeks to redefine resilience by switching the emphasis from systems to services and people.In other words, rather than invest in scheduled system upgrades and renewals as a matter of course, organisations should focus their efforts on those systems that are needed to maintain key services, such as making purchases, receiving payments and delivering lending and saving.

This approach to resilience requires that organisations have a back-up system, ideally based at a different site.It also suggests they should:

  • Identify essential services and map the systems that support those services
  • Test security measures regularly to ensure they remain fit for purpose
  • Establish secure communications channels and protocols, including for smartphones and other mobile devices
  • Take specialist advice on preventing cyber crime and detecting it early
  • Develop intelligence on current and emerging threats and how to respond to them
  • Raise awareness and build a culture of cyber security
  • Learn from previous incidents by sharing information and good practice.
Peter Matthews, CEO, Metro Communications

Peter Matthews, CEO, Metro Communications

In my opinion, there are two major areas that rarely get the recognition they deserve: raising awareness and establishing secure communications.

An awareness of cyber security can mean the difference between containing and compounding the effects of an attack. It is not unusual for organisations to make a bad situation worse by using compromised technology to report breaches. In fact, hackers often carry out the initial attack in order to monitor messages, redirect traffic, intercept new passwords and inflict even more damage. It’s easy to see how an organisation– using a hacked system to rectify a breach –could inadvertently infect their own back-up system, effectively handing criminals the keys to their safe house.

In the words of Bank of England executive director Andrew Gracie, ‘Cyber is not a minority sport for technologists… it is about culture too and this means people and processes’.Everyone, from senior managers to frontline workers and the board of trustees, needs to play a part in maintaining data security.

The second key area– secure communication channels, including those built into mobile phones–is vital in protecting data and conversations when it’s business as usual. But these secure channels are also essential to safely deliver solutions following a cyber incident. For example, business-grade security apps on mobile phones don’t just encrypt data; they secure metadata (such as contact lists, location and caller identity)to protect sensitive conversations between key individuals. This also thwarts hackers who rig up fake mobile phone masts to intercept and record commercially sensitive conversations,and enables people who travel for work to use unsecured hotel WiFi with confidence.

Other technological solutions, such as enterprise mobility management solutions (which manage the security of all devices in an organisation), firewalls, antivirus software and user authentication and privileges may also be part of the answer.

Butresiliencedoesn’t stop at technology. Buying costly software that tries to deal with every eventuality–often causing as many problems as it cures–isn’t the answer. Again, it’s about knowing what’s important to your business and developing an intelligent, focused and proportionate response to deal with key threats and vulnerabilities.

The financial sector is highly susceptible to cyber crime because of its importance to maintaining life as we know it. The entire system balances on a pinhead of confidence, and its global connections offer criminals a potential goldmine of devastation. It’s worth remembering that the recent Webstresser attack, which sold the ability to disable financial services for just $14.99 a head, was responsible for more than four million attacks across the world before the website was finally disabled by authorities in eleven countries.

Striking at a single internationally connected organisation in one country could give hackers the satisfaction of causing major disruptionacross the world. That might explain why attacks on banking and finance have increased by around 80% over the past year. It is why major financial institutions will soon face exacting new standards, developed by the Bank of England and the National Cyber Security Centre (NCSC), to ensurethey canrestore vital services following a cyber incident, within a specific timeframe. And it is why I believe that the sector as a whole must raise its game. All organisations need to be clear about what resilience looks like and play their part in delivering it.

For more advice about how to protect your mobile phone conversations, contact Metro Communications.

Recommended for you

  • Optimizing SME Supply Chain Financing Through Data Analytics in Banking

  • Effective Customer Acquisition and Retention Strategies for SMEs in Banking

  • Impact of Economic Policies on SME Growth in Banking