Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

TO FIGHT CYBERCRIME, A FUNDAMENTAL CHANGE IN MIND-SET IS NEEDED

By Paul Stokes, COO Wynyard Group

City of London Police Chief Adrian Leppard, at a recent Tech UK conference, said that up to 80% of online crime goes unreported to the authorities.The Commissioner told the audience that the scale of the threat is much greater than the public think, so much so that it may have even surpassed what drugs make up the criminal economy.

Leppard’s concerns echo a report released last year by the Joint Committee of the European Supervisory Authorities (ESAs) which shows, not surprisingly, that banks “have been hit by cyber-attacks and other malicious attacks more frequently, and have seen an increase in high-profile distributed denial of service (DDoS) and outages.”Industry surveys also indicate that more than half of the world’s biggest banks’ websites have been hit by security incidents in the past eight years..

The vast gap between what is reported and the actual threat level arises primarily because of banks’ unwillingness to report breaches, for fear of damaging their reputations and losing customers. This attitude makes it harder to gain an accurate picture of online crime, helping fund growing cyber criminality and in turn, costs customers collectively.

This raises the question of whether the UK government should consider obliging firms to disclose serious breaches, as is currently the case in the US.There has been proposal by the European Commission that companies operating in Europe across a wide range of industries, including banking, would be required to report cybersecurity breeches to designated national authorities.

More importantly, this calls fora fundamental change in mind-set by both banks and law enforcement agencies, one that prioritises detection and prevention, rather than a traditional approach of dealing with an incident once it has happened.

But detecting threats is not easy. Today, banks face sophisticated intruders who constantly change and refine their methods, as well as insiders who abuse legitimate access to manipulate and steal data.

Attacks are also very difficult to detect, because there is no attack rule book to consult. A clever intruder may lie low within an organisation for a long period of time, concealing their movements within the “noise”of the network. Insiders are even more difficult to spot because much of what they do may be legitimate, while only a small part of their activity is threatening.

The key is to understand what is happening on a continuous and ongoing basis, evaluate the degree of risk at any one time in order to detect cyber breaches early on, understand them and manage them. This is essential considering that, on average, it currently takes around 230 days before a breach is detected. By this time, the damage has been done and in some cases it is irreversible.

A new approach to cyber security is now needed – one that takes advantage of big data and smart algorithms to allow organisations to detect small anomalies before they become big problems. With mathematical machine learning and anomaly-detection capability, new information-driven cyber intelligence tools are designed to allow organisations to identify previously unknown, security-relevant patterns in an ongoing and timely manner, enabling identification of high-risk cyber threats and vulnerable areas that can inform comprehensive risk management strategies.

Serious cybercrime and cyber espionage are an unfortunate fact of life for virtually all companies and governments.  Regardless of mandatory reporting of a breach, the company that employs big data analytics to detect and act on unusual network activity is best positioned to counter those attacks, preserve their data, and protect their customers and reputation.