Financial Institutions’ Cybersecurity Defences Left Lacking
Recent high-profile breaches at major financial institutions have highlighted the vulnerabilities of organizations that are unprepared for cybercrime. Despite growing awareness of the need for cooperation and investment in technology, many institutions remain ill-equipped to defend against attacks.
The Importance of Cooperation
The Talk Talk breach, where a teenager with no criminal affiliation was able to infiltrate the system, and the HSBC DoS attack, which remains unsolved, demonstrate the importance of cooperation between financial institutions and law enforcement. Experts warn that economic cybercrime will never be fully controlled, and stakeholders must adopt a more effective strategy to tackle the risk.
Partnerships and Information Sharing
One key step is through partnerships and information sharing. The UK National Computer Emergency Response Team (CERT UK) and the Cyber-security Information Sharing Partnership (CiSP) are initiatives aimed at addressing under-reporting of cybercrime. The World Economic Forum has also emphasized the importance of cooperation through its “Recommendations for Public-Private Partnership against Cybercrime”.
Technological Advances
In addition, financial institutions must invest in technological advances to improve their defenses. Advanced analytics technology can provide early warning systems and allow organizations to understand and respond to threats more effectively.
Challenges and Opportunities
However, many institutions lack the expertise and resources to implement strong cyber-security systems and profile attacks to develop best practices. This has led to a high proportion of large organizations continuing to suffer breaches.
The consequences of being perceived as vulnerable to cybercrime can be severe, including reputational damage and impact on share prices and financial stability. As such, institutions must change their culture and do more to communicate with law enforcement and cybersecurity experts to improve response capabilities and understand emerging threats.
Legislation and Regulation
Legislation at the EU level aims to expand requirements for operators of essential services to take appropriate security measures and report incidents to national authorities. This could lead to the creation of platforms for cooperation and improved sharing of information between institutions, law enforcement, and cybersecurity experts.
Conclusion
In conclusion, financial institutions’ cybersecurity defences are often left lacking, leaving them vulnerable to attacks. To improve their defenses, they must adopt a more effective strategy through partnerships, investment in technology, and improved communication with law enforcement and cybersecurity experts.
Quote
“Financial institutions must work towards putting in place robust strategies that address technological difficulties while simultaneously understanding the human factors behind the risks and the need to constantly share (quality) information with others.”
— Dr. Inês Sofia de Oliveira, Research Fellow at the Centre for Financial Crime and Security Studies