Finance industry remains vulnerable to cyber attacks

Defence plans should be made around an asset based approach.

  • 11 years ago Posted in

Financial firms could be missing out on attack paths to key industry infrastructure, leaving the sector vulnerable to a major cyber attack, IT security firm MWR InfoSecurity has warned.


The company issued the warning after the Bank of England and the Treasury urged board directors in the financial industry to draw up plans to address the increasing threat levels from cyber attacks.


Alex Fidgen, director at MWR InfoSecurity, said: “Whilst the issue of improving security is a complex one, it should be focussed around an asset based approach. Emphasis has to be made in protecting key industry infrastructure, such as payment systems, by blocking all attack paths leading to it, and this can only be achieved by thorough assessment of a company’s assets.”


“In order for the finance industry to understand where security can be improved, they must adopt assessments that replicate some of the attack methods used by more sophisticated attackers, which are often state sponsored.”


He added: “If they miss this stage out, they will not identify how best to defend and will not only waste funds and resources protecting the wrong assets but they will be at serious risk of being hacked.”


Fidgen said that these sorts of measures should apply not only to UK banks but also to any financial institution operating in the EU, especially as the EU still provides Safe Harbour.


The adoption of advanced defensive programmes is likely to provide these financial institutions with a competitive advantage.


Fidgen added: “More to the point, a demonstrable defence programme will enable financial institutions to pro-actively satisfy regulatory authorities that their asset book can be value assessed accurately, and potentially argue for lower Capital to Asset ratios under legislation such as Basel III.”
 

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...