The UK financial sector is not giving cybercrime the serious attention it warrants, despite the sector being the “perfect target” for cyber attacks. This security warning was announced in a report by lobby group TheCityUK.
“The UK government and its agencies have already started to take action,” says Mark Weil, chairman of TheCityUK’s cyber task force and chief executive of insurance broker
Marsh. “However, outside of a very few firms, we do not yet see cyber getting the attention it needs from business leaders.”
Swift global payments system warned last week that there had been a second case of a bank being robbed using methods similar to the largest-ever digital heist at the Bangladesh central bank in February.
TheCityUK proposed the creation of a new “cyber forum” which would help improve the flow of information about the activities of hackers trying to attack the financial system. The new body will work in tandem with other established groups in solidifying the industry’s response to cybercrime. It would be made up of board-level directors and a working group of risk executives or chief information security officers.
Some senior members of the banking industry admitted that they have been slow in sharing information with regards to cyber security, as they are worried about violating competition or client privacy laws.
Acknowledging the fact that beefing up cybercrime defences require significant expenses, the report proposes suggests that this could be partially offset by tax breaks, such as the bank levy and tax surcharge or the insurance premium tax.
“There is also a talent gap, given the rapid increase in demand for cyber security capabilities and given the high level of training required,” the report states, advising firms to offer more apprenticeships and new jobs to enhance cyber security.
“We in the financial and related professional services sector need to act with the urgency of knowing that a large, systemic risk is upon us,” says John McFarlane, chairman of Barclays and of TheCityUK.
“That means individual firms acting to make themselves safe and ready to recover. It also includes the industry acting collectively to make the system safe.”