Earlier this week, the British Bankers’ Association (BBA) called for greater collaboration between UK banking institutions, claiming that Britain’s entire financial system is vulnerable to a cyber attack unless there is greater co-operation between the leading banks and law enforcement agencies.
The topic of financial services and cybersecurity is one of the most significant industry challenges in recent years and I am glad to see this conference taking place this week. Despite the publicity which cybersecurity has garnered, the risk has still not been countered effectively. Most institutions are vulnerable and do not have effective controls and frameworks in place to mitigate these risks.
Of course there is considerable complexity in tackling cyber at an industry level. Threats are changing with the speed of technology and new dimensions are discovered on a weekly, if not daily, basis. We also need real collaboration between law enforcement, supervisors and regulators, financial institutions, research groups and standards development organisations such as the International Organisation for Standardisation (ISO) and others. We will continue to struggle if we do not look at this from a multi-disciplinary view with a collaborative approach. But when you consider the challenges, it’s no easy feat.
We need to raise awareness and develop best practices that are agile so the processes, and institutions themselves, can adapt to new vulnerabilities related to mobile, cloud and social media. We need to be able to incorporate innovations in technology and use them to our advantage, rather than viewing change as a threat.
Silod data management models are predominant and a point of vulnerability – made worse by resistance to transparency. Change is possible, though. Take the use of new technologies such as big data analytics and predictive capabilities to help support collaboration, deliver a stronger framework of advanced cyber defenses and provide more insights into the threat and greater information sharing between financial institutions.
In my view, the BBA’s call for collaboration is the right approach but it needs more. We need actionable collaboration, in addition to productive and effective integration of common data and best practices. This will help drive the industry in the right direction to face the new and increasingly complex cyber threats coming towards us at a fast rate of technological change. It’s certainly not a simple path to success, requiring collaboration from numerous sources – but it’s one which we need to make further headway with, before lasting and costly damage is done.
The industry overall may underestimate the sense of urgency. Putting together the basis for a framework is a starting point; supporting it with actionable policies, standards, best practice and automation where needed. Taking it further, the use of analytics intelligence as part of a coordinated approach across stakeholders and institutions will be crucial, particularly as technology continues to push ahead.