Cyber challenge can be met, says Swift
Sibos 2016 opening plenary: focusing on cyber challenge
Swift has committed to help its members combat the cyber threat “in challenging times”, delegates heard during yesterday’s opening plenary session. Security will be a feature every day of the conference because “the cyber threat is here to stay”, said Swift chief executive, Gottfried Leibbrandt.
Swift chairman Yawar Shah added that Swift had pledged its full commitment to Swift members on security.
Leibbrandt advised members should start with “basic hygiene”, by securing their own environments with the necessary tools such as authentication, security credentials, anti-virus, firewalls, up to date patches to the security software etc.
He noted that his friends in the medical field tell him that if a surgeon washes his/her hands thoroughly for a full two minutes before an operation, the rate of deadly infections in the hospital could be cut in half, especially with the increased resilience of these infections to penicillin. “And yet the majority of the surgeons to do not comply with that, even though they know this is what they should be doing,” he said. Perhaps they need external pressure to comply, he mused. And this is what Swift is doing for banks to help them comply with their security departments. “We are rolling out a network of objectives, principles and around 30 controls that the banks should comply with to secure their environment.” The banks will then have to manifest that they have done the work, for the regulators and counterparties to see “that they have washed their hands, so to speak”.
However, hygiene alone is not enough these days. Cyber criminals are becoming more sophisticated, their attacks more complex and their efforts more organised. For that, the market participants, including Swift, need to “share and prepare”. Swift published daily payment reports with metrics on risk and traffic, so banks can spot the problems and apply the necessary controls, be it inbound or outbound traffic.
“Financial transactions and payments are a truly global business,” Leibbrandt stated. So it is important to act as a united community. “What happened to one institution in one country may as well happen to another institution across the world”.
Leibbrandt suggested Swift members should “share and prepare”; share the indications of the attacks and breaches with Swift so that it can publish these (anonymously, of course) so other banks and financial institutions can learn and get ready for similar attacks.
By doing all of the above, the financial world can protect itself from the cyber threat. “It can be done,” Leibbrandt said.
He cited a collaborative effort between Swift and a group of banks involved in a suspicious transaction earlier this year. By working together, the breach was prevented. What contributed to the successful outcome, he pointed out, was Swift and the banks working in “real time” and sharing information.
But the threat is relentless, he warned. And so is the work to combat it. As well as the investment in core resiliency, collaboration and education.
On other issues, Leibbrandt said fintech was also here to stay and is transforming the landscape, posing challenges and real opportunities to all.
Innovative fintech developers and their technologies, such as biometrics, pattern recognition and remote controlled detection, are just some examples of what’s available to combat the cyber threats, Leibbrandt said.
On a broader scale, “fintech will eat our lunch unless we adapt and innovate ourselves, and keep up with the pace of innovation”.
Needless to say, Swift is keen to emphasise its love of innovation. Leibbrandt cited the introduction of real-time payments in Australia – the New Payments Platform (NPP) – a high-profile technology modernisation project Swift has been involved in. Swift won the hotly-contested 12-year contract to build and operate the NPP infrastructure in late 2014 (at the time, the deal was said to be worth A$1 billion). NPP will allow Australian banks to offer instant payments to their clients and a host of new services on top of that.
In his concluding remarks, Leibbrandt talked about correspondent banking – “the great asset for the industry, with unique reach, established practices and deep liquidity” – and how to take it to the next century. “One million active bilateral relationships on our network – one million friendships on the Facebook of financial services.”
Developments such as the Global Payments Innovation Initiative (GPII) is one of the solutions, with 80 banks signed up already and the “active pilot” project under way. It will bring “greater speed, traceability and transparency”, Leibbrandt said. An introductory session on GPII yesterday morning in the Swift auditorium was standing room only – an indication of the interest the initiative has generated.
