Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.


By Kane Hardy, VP of EMEA, Hexis Cyber Solutions

Kane Hardy
Kane Hardy

The recent news that both HSBC and First Direct are to implement biometric voice and fingerprint regonition instead of passwords, highlights that the evolving threat landscape is at the top of the agenda for these banking corporations. A study from the Centre of the Study of Financial Innovation clarifies that UK bankers fear cyber attacks more now than they do a faltering economy or political interference.

Given the strategic importance of the financial sector, any large-scale cyber attack now represents a serious threat to the larger economy and one that may have a significant impact on how it performs on a global stage.

Threats online are becoming increasingly sophisticated as the ability to evade detection evolves at a blistering rate. Its clear that financial institutions are struggling to sew together legacy banking systems, with new digital channels making themselves an easy target. Criminals long for weaknesses that exist in networks. These frailties are being exposed by hackers that combine the simplicity of daylight robbery with the malware and cyber techniques that have been born out of emerging technology.

In addition, the surge in mobile and online banking within the financial services industry has introduced new vulnerability as hackers have access to a slew of new attack vectors. Highly sought customer and business data can be pick pocketed through sophisticated botnets and other ‘backdoor’ cyber threats without the consumer even being aware.

It is more clear than ever that cyber security has a key role to play in this sector and must be approached with complete professionalism.

How tight is your security? The Bank of England wants to know

Last year, big businesses found their networks to be compromised by attackers looking to steal extremely sensitive financial information and intellectual property. Unsurprisingly, concerns about a cyber security onslaught on the UK’s financial system have intensified.

In response, the Bank of England is including cyber attack scenarios in its annual stress testing exercise for UK banks. In addition, financial institutions will be required to fulfil specific security measures and notify regulators about cyber incidents after European MEPs reached an agreement on the first cyber security rules for the European Union (EU), the Network Information Security (NIS) directive.

Throwing money at security doesn’t neccesarily work

Knowing they’re a target, many financial institutions have hefty security budgets designed to build a strong defence. Yet too often they focus only on compliance requirements and rely on tools like firewalls, sandboxing, email scanning and web controls to protect the fortress walls. As the threat from cyber crime continues to intensify, these solutions, are no longer enough to stop cyber criminals in their tracks. More security solutions won’t necessarily lead to better protection as criminals are still able to find the holes in an organisation’s defence and exploit them.

Ready for the fight?

To build effective governance strategies and ensure financial institutions can quickly recover if attacked, organisations need to beat cyber criminals at their own game – responding to any threats at machine speed with automated processes.

An active behaviour-based approach that monitors and manages threats is important to gain increased visibility into the malicious activity within an environment. Only then is it possible to develop a process to identify serious threats and ensure the response matches the speed at which attacks are being generated.

In order to protect valuable assets, every financial institution needs to assume a state of continuous compromise. The focus needs to move to adopting an adaptive security framework, one that not only detects, but responds and remediates.

With new regulations and an evolving threat landscape, financial service organisations would be advised to review their defences. Cyber criminals are adopting a stealthier approach but their attacks remain explosive and fast. Financial institutions cannot become complacent given the numerous tactics attackers have at their disposal.

In 2016, we must accept that no financial institution is safe from cyber crime.