A recent report by the Joint Committee of the European Supervisory Authorities shows, not surprisingly, the financial sector attracts more cyber-crime than other industries. It states that banks ‘have been hit by cyber-attacks and other malicious attacks more frequently, and have seen an increase in high-profile distributed denial of service (DDoS) and outages’.

In fact, the International Organisation of Securities Commissions has predicted that the next big financial shock will come from cyber-space, after mass attacks on financial players. In the UK, latest warnings from the Bank of England clearly show that the “cyber-threat” has become one of the biggest problems facing the financial system.

Banks are doing everything they can to stay ahead of cyber-criminals but the challenges they face are immense. Given that banks are under almost constant risk of being attacked, what can they do to protect themselves?

Cyber-crime cannot be prevented at the perimeters of today’s large, complex and global networks, and banks need to abandon the illusion of 100% IT security. Cyber-criminals’ sophisticated practices have rendered traditional perimeter defences, including proxy, firewall, VPN, antivirus and malware tools, inadequate to protect against attacks.

As a result, banks have to continue to protect important information but they also need to assume they have been breached and use new technology to detect the breach quickly. This will give them a much better chance of preventing the compromise or loss of critical information. 

On average, it takes 230 days before a breach is detected. By that time, the damage has been done and in some cases it’s irrecoverable. In the case of the recent JP Morgan attack, hackers were in the bank’s network undetected for about two months.

The key is to understand what is happening on a continuous and ongoing basis, evaluate the degree of risk at any one time and have a plan to counter the activity. New technology such as information-driven cyber-intelligence provides banks with a valuable tool to do this. Identifying and characterising cyber-threats and assessing the vulnerability of critical assets and operations specific to the threat puts organisations in a better position to identify ways to reduce those risks and strategically prioritise risk reduction measures. They can also plan for what the likelihood and consequences of specific types of attack are and can better manage and minimise the risk.