Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

ARE WE WINNING THE BATTLE AGAINST CYBERCRIME?

Dr. Wael Aggan, CEO, CloudMask

Banks are all about money. Money for individuals, money for businesses and obviously money for the banks. With all these riches, it’s no wonder that the finance sector is a major target for cybercrime. From selling sensitive personal and account details on the underground market to fraudulently accessing online accounts, there is a lot to gain.

The British National Security Strategy has listed organised cybercrime on a par with terrorism as a major threat to national security. It is important to recognise that today’s cybercriminals are not driven by glory; they are organised and in the case of banking fraud, motivated by money. In the same way that hacktivists are influenced by personal causes and nation-states driven by espionage. They are all after the same thing – your data – and data is the fuel that drives cybercrime economics.

cloudmask-horizontalCybercriminals are even more active than we think. It’s been uncovered that the banks are understating the real amount of fraud happening by at least half of what it is in reality. The latest Annual Fraud Indicator estimated that retail banking fraud cost £475 million a year, based on reports from banks. The Times revealed in August that 3.6 million in banking fraud had been left out of official figures.

Banks are not alone in disguising the true scale of cyber-attacks. Organisations around the world are guilty of not being transparent when it comes to cybercrime reporting. In many cases, organisations are unaware that they have been victim to a breach. Sophisticated stealth attacks are increasingly common and in many cases personal data is stolen and no one will know until months down the line when their identity has been stolen and new credit cards applied for or bank accounts emptied. Despite all of this, breaches that are made public are rising significantly.

A report by the British Bankers’ Association found that 93 percent of large organisations suffered a security breach last year and seven in 10 banking chief executives see cybersecurity as a major risk to growth. Cyber security is emerging as a key threat to the banking system and regulators now take the ability of a lender to withstand a serious online attack almost as seriously as measures of strength such as capital levels and short-term liquidity buffers.

The UK Information Commissioner’s Office (ICO) reported 1,559 data breaches between April 2013 and March 2014. By September this year, the ICO issued fines totalling £5,391,000 in the UK for data breaches since it was given this power in 2010.

This is only one of the issues when being transparent about security breaches. Not only do consumers and business lose confidence but your reputation goes down the drain and it costs money. The financial services sector has suffered badly, facing some of the biggest fines in history including the Financial Service Authority fining HSBC £3.2m for data protection failures in July 2009 and then Zurich Insurance for £2.3m over customers’ data loss just over a year later.

The most recent security breach is possibly the largest ever seen where the US’s biggest bank, JP Morgan Chase, admitted that 76 million households and seven million businesses had their private information compromised in a cyber-attack. Customers’ names, addresses, telephone numbers and email addresses were compromised in the attack.

The digitisation of the global economy has made our lives easier and has created huge opportunities for businesses as well as the banks but it has also created security risks. Banks are trying their best to keep the bad guys out but are they winning the battle against cybercrime?

The Bank of England did an exercise in 2013, Operation Waking Shark 2, simulating a cyber-attack on the British financial system which demonstrated very limited knowledge by the banks on how to deal with these types of attacks. Despite a number of initiatives from intelligence agencies, financial authorities and the institutions themselves, vulnerability to cyber-crime remains one of the key threats facing the financial sector.

Banks are spending a huge amount of time and money to protect data and increase defenses against cybercrime. The British Bankers’ Association report found that British financial companies spent £700m on cybersecurity last year.

The UK Information Commissioner has issued guidelines about protecting personal data and suggests anonymising data. As per the ICO definition, ‘anonymisation is the process of turning data into a form which does not identify individuals and where identification is not likely to take place. This allows for a much wider use of the information. The Data Protection Act controls how organisations use ‘personal data’ – that is, information which allows individuals to be identified.’

Could it be that simple? Maybe it’s time to strip it all back and look what is important. What are cybercriminals after? Forget building walls around your riches and spending fortunes on intelligence. It seems that by making simple changes to how data is created, stored, processed and consumed, banks can remain competitive in the global economy and consumers might have greater confidence using in their bank.

Banks are all about money, but for cybercriminals the money is in the data.