ANALYSIS | Cyber Security
Robert Rutherford on why the C-level must take full responsibility
for a security breach rather than placing blame on the IT team
On Alert!
When it comes to
cyber attacks, banks
need to up their game
T
he Financial Conduct
Authority (FCA) has expressed
concern over the cyber attack
on Tesco Bank last year after
£2.5 million was drained
from customers’ accounts. Within hours,
customers’ current and saving accounts,
as well as credit card details, were being
traded on the dark web, with many hackers
on live chat rooms referring to the firm as a
“money machine”.
According to FCA data, only five cyber
attacks were reported in 2014 – as
opposed to the staggering 75 reported
in the first 10 months of 2016 alone.
Although the money stolen from Tesco
Bank was refunded and no personal data
was compromised, this incident should
44
DIRECTOR OF FINANCE
serve as a warning to all banks and the
financial services industry as a whole
that cyber criminals are implementing
increasingly intelligent ways of
outsmarting IT systems.
The truth is that firms in this sector
have been facing cyber attacks for
decades, as this industry is especially
attractive for criminals who are looking
to access financial data. After all, the data
being held on these systems not only
includes client’s financial and personal
details, but also information about the
firms as well. It is undoubtedly difficult
for banks to continually defend against
the constant cyber attacks they face, but
IT security must be considered a priority
when it comes to budgets.
Why are banks such easy targets?
The biggest reason that criminals target
banks is obvious: money. Financially
motivated cyber crimes account for three
quarters of all reported security breaches.
It has, however, been reported widely
that Tesco Bank ignored various warnings
regarding its IT systems and how secure
they really were. This is an issue with
many firms who do not understand
the importance of cyber security –
particularly in the current economic
climate, with budgets being evaluated
more critically than ever in an effort to
reduce costs.
In addition, banks’ computing systems
are not only incredibly complex, but are
also outdated legacy systems in many
dofonline.co.uk