| |||||||||
| |||||||||
Current Filter: >>>>>> Grave New World Editorial Type: Industry Focus Date: 05-2014 Views: 3208 Key Topics: Security Advanced Persistent Threats (APTs) Hacking Cyber Security Financial Management Key Companies: Bank of England LogRhythm McAfee Courion CREST Key Products: Key Industries: Government | |||
| Following the Waking Shark II security scenario at the end of last year, which involved financial firms being hit with a series of cyber attacks in order to test their defences - see box-out - the Bank of England has now announced that it is to employ ethical hackers to conduct penetration tests, in a bid to strengthen cyber security within the financial industry. Overseen by the Bank of England itself, the move aims to ensure that the defences of 20 major banks are strong enough to combat today's sophisticated threats, which are causing ever deepening concern across businesses worldwide. "For cyber criminals, British banks are without doubt becoming the crème de la crème of targets," states Ross Brewer, vice president and managing director for international markets at LogRhythm. "Home to such valuable confidential data, banks are facing continuous, persistent attacks from outsiders, which puts huge amounts of pressure on them to have the strongest defences in place - a difficult task when faced with a constantly evolving threat landscape. Following hot on the heels of Waking Shark II, it's encouraging to see the banks continue to take proactive steps to protect both their own and their customers' data - even if the involvement of hackers may raise some questions.
CLEVER AND RUTHLESS Brewer applauds the positive step that financial sector is taking here, which many other organisations need to learn from, he says. "Indeed, far too many still rely on traditional, static security solutions that are unable to keep up with changing cyber criminal tactics. Businesses simply cannot underestimate today's cyber criminals - they are clever and ruthless in their approach. "The only way to ensure businesses have the best possible chance of keeping today's sophisticated threats out is through the continuous monitoring of all network activity. There's no doubt that any business that chooses to overlook this will end up paying the price - for both themselves and their customers."
BIGGER PICTURE "Looking at individual bank security systems is a good idea for phase two of these cyber war games," he says. "Banks' infrastructure is increasingly under attack and that's not going to change. However, the focus shouldn't be solely on detecting and preventing external attacks. It's important to recognise that threats can often stem from insider hacktivists or a weak security culture in the back office, which leaves sensitive data and apps open to abuse or theft. "Looking at the bigger security picture, the majority of serious data breaches use stolen or misused legitimate access privileges. Banks need strong, reliable systems in place to quickly identify any security vulnerabilities and take appropriate actions to prevent a breach and avoid financial and reputational damage."
PRIME TARGETS
Page 1 2 | ||
Like this article? Click here to get the Newsletter and Magazine Free! | |||
Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |