Technology / Greater co-operation needed to combat cyber crime, says report
Greater co-operation needed to combat cyber crime, says report
16 March 2015 |
Banks need to take a collaborative approach when it comes to mitigating cyber-risks, as well as look at the issue from global perspective.
Matt Allen , director of financial crime at BBA, says: “Cyber-crime is clearly a global threat. Many risks to our members emanate from threat actors operating outside the UK. We are also seeing a trend towards cyber-criminals targeting banking customers.”
There are also cyber threats potentially looming for the banks in their supply chains. A report by PWC and the BBA stated the supply chain threat has been demonstrated most recently through the high-profile Target data breach and the identification of the Heartbleed bug vulnerability. Both examples illustrate the indirect impact of cyber-incidents on banks.
“Many of the risks to banks come from the outside,” Allen says. “There are other types of businesses and industry sectors which hold lots of data. If individuals businesses outside of banking have weak controls, there is a risk to banks that criminals may access data which is relevant to banking.”
According to the report, threats are evolving rapidly with the development of new technologies and the ever changing geo-political landscape. Allen says: “The biggest challenge is the fact many of the cyber-criminals are operating outside the UK. We need a robust international law enforcement response. There has been a lot done over the last few years to strengthen controls in banks and create partnerships with public authorities, but there is more to do.”
“There has been a massive investment by banks into systems and controls and expert staff, as well as campaigns to educate customers on the risks. There are a range of things banks need to do. They need good analytical capabilities, and expert staff in cyber-security and financial crime. Also a workforce aware of the risks.”
The BBA has been working with its members and other partner bodies to look at how the sharing of information and experiences can help guard the banking industry against emerging cyber-threats.
Allen says: “Within the banking industry what I think has been most impressive is the fact it is a genuine industry-wide approach. What the BBA does is bring together a very large number of banks of all shapes and sizes, both in terms of policy discussions and also sharing of experience and best practice. It is really important as in the banking industry we cannot have any weak spots. The industry has been very proactive in engaging the public authorities.
“A really useful initiative has been the agreement between the European banking industry and European police authority to collaborate on cyber-crime. That is the type of thing we like to see progress even more broadly at the international level.”
The PWC/BBA report highlights this importance of international collaboration. It states that as the political focus on cyber-issues increases, it is important that the banking sector is proactive in the development of new policies and strategies.
Also according to the report, there is a need for a more joined-up international banking industry approach, and it suggests that the European and International Banking Federation need to influence and align global regulations. As cyber-threats evolve it is likely there will be legislative/regulatory changes that develop.
He says: “Our view is quite clear, and it was set out in a public report April last year. The challenges in this area are multi-sectorial, multijurisdictional and which can change quickly. Therefore the response cannot be from one sector on its own. The banking industry cannot solve this by itself and the public sector cannot solve this on its own.
“We need a range of sectors to come together internationally. That is happening in Europe – we were very pleased to attend the joint Interpol-Europol Cybercrime conference in Singapore and there were some stark discussions around collaboration in the sector. We are looking forward to continuing those discussions to see how they will help.”