The Bank of England has called for a “collective solution” by the private sector to tackle Cyber Security threats, similar to the US Sheltered Harbour, which is designed to protect banks’ customer data in the event of a systems failure caused by malicious action.
The call came in the wake of tests the Bank has been carrying out to model the impact of a serious breach of banking security, including a day of ‘war games’ in November 2018 to simulate large-scale cyber attacks.
The BoE’s Supervisory Risk Specialists Director Nick Strange said, “A possible – and I only say possible – outcome of the cyber stress-testing we are piloting may be that on their own, firms cannot meet the FPC’s proposed tolerance for payments system outage. If this were the case then it would either fall to the public or private sector to come up with a collective solution.”
In March, the BoE said it would be carrying out stress tests among UK lenders in the middle of this year, exploring how resilient their systems are to attack, how quickly they can recover, and whether payments made on the same day can be completed. However, the results of those pilot tests will not be published.
Earlier this month, a Freedom of Information request by Financial News revealed that the BoE itself is under constant attack by hackers, but the Bank refused to reveal further details – citing security as the reason for non-disclosure.
The security challenge is not limited to the UK. In June, the Group of Seven Nations (G7) will jointly simulate a cross-border cybersecurity attack on the banking system.
The three-day exercise – the first of its kind carried out by the G7 – has been organised by the Banque de France under France’s presidency of the group, and will involve all seven central banks, together with market authorities and finance ministries.
“Cyber threats are proof that we need more multilateralism and more cooperation between our countries,” said French Finance Minister, Bruno Le Maire.
- Earlier this month, it was announced that the BoE’s Chief Information Security Officer Cameron Rogers will be joining HSBC on 3 June as its first Head of Resilience Risk, while in April former Deutsche Bank CEO John Cryan joined UK cybersecurity firm X Cyber Group as Director, revealing the deepening ties between financial services providers and niche technology companies.
Be part of a discussion and connect with like-minded leaders in your sector at our exclusive event series on banking and RegTech.