Fighting a hidden enemy: Why banks need to step up the war on cybercrime

Cybercrime is a clear and present danger -- and more needs to be done to protect against data and money theft, warns a bank chief.

barclays-branch-sign.jpg

If hackers take down a bank, it could endanger the whole society, says Barclays chairman John McFarlane.

Image: Vismedia

The financial sector needs to do more to protect itself against cybercriminals, as the combination of money and personal data that banks possess represents the "perfect target" for hackers, according to a new industry report.

And it isn't just banks that are at risk -- insurers, asset managers, and other finance companies hold vast amounts of sensitive information, making them attractive targets for cybercriminals.

The risks facing the financial sector are set out in 'Cyber And The City', a new report by financial services firm representative body TheCityUK, which suggests banks need to take urgent action to bolster cybersecurity.

read this

Banks must move past PIN, OTP to ensure mobile security

PINs and one-time passwords should be abolished as a form of authentication.

Read More

"Digital technology has radically changed every aspect of our lives and brought untold benefits. Of course, with these opportunities it's introduced a new threat which is cybercrime; not only are they after our information, they're after our money and can and will steal it from wherever they choose," said John McFarlane, chairman of Barclays and TheCityUK.

"Make no bones about it, cybercrime is clear and present danger, not only to our current way of life, but also the security of society as a whole," McFarlane told an audience at a recent industry event in London. "Our traditional defences are no longer adequate to protect ourselves" when organised criminals and state actors can "carry out industrial level attacks", he continued.

Describing society as "well behind the game" when it comes to cybersecurity, McFarlane called for an "urgent and integrated response" order to combat the threat of cybercrime, with greater cooperation within the financial sector, as well with law enforcement.

"Let's face it, this is a war, but it's on a new front. They're a hidden enemy, operating behind the scenes and inside our organisations, our devices, and they're incredibly difficult to detect and to punish," said McFarlane.

"Losing is potentially catastrophic. Winning allows us to preserve our society and daily life as we know it. So let's get ahead of this by working together and urgently against his new and common enemy," he said.

The report makes several recommendations for financial companies looking to mitigate cybersecurity risks. It suggests that boards should take responsibility for cyber risks, rather than passing the buck to the IT department, for instance.

TheCityUK also calls for the creation of a City-wide cyber forum to "to promote collaboration across all firms" in the sector, in order to encourage best practice sharing and strengthen every organisation's cybersecurity.

"Cybercrime isn't a problem of the future, it's a very real threat today. There is no silver-bullet to manage it, but there are practical steps the industry, and the customers we serve, can take to ensure we're well protected against attack," said Chris Cummings, chief executive of TheCityUK.

"Cyber hygiene should be as commonplace as locking the windows and doors when you leave the house. It is essential for the industry and the continued attractiveness of the UK as a safe place to do business that we tackle this issue head on and make the UK a centre of excellence for cyber security," he added.

Read more on cybersecurity