US post-trade utility the DTCC is reporting that almost half of the respondents in its most recent Systemic Risk Barometer Study cited cyber security as their top concern, making it the single largest fear and doubling its rating compared to just 12 months ago.
The financial sector is a slow mover in innovation, however no single industry is leading the way in the Digital Identities economy. Banking is one sector that can take advantage of Digital Identities to better develop customer experience given the nature of the engagement and relationship between Banks and their customers. Banks fulfil a very […]
Visa Europe says that it will roll out its V.me by Visa in the UK this year, having secured commitment from 55% of the UK’s card issuance base, which accounts for more than 60 million card holders, and thousands of the UK’s retailers. It will now be commercially available to the majority of internet shoppers in the UK before the end of 2015.
As greater convergence between asset classes and the unification of trading desks and trading strategies across multiple asset classes becomes more common, the opportunities for sophisticated market abuse may be on the rise. That may mean that the need for surveillance is greater than ever, according to Tony Sio, head of SmartsTrade Surveillance, exchange and regulators at Nasdaq.
Security specialist RiskIQ says the growth in digital business is producing an increasing threat to banks across the world, with the largest banks owning an average of 7,500 public facing digital assets – 60% of which are outside the company firewall.
A former head of the UK Security Service better known as MI5 says banks need to beware the danger of state agencies and others stealing or destroying confidential information.
Banks need to recognise that building a wall to keep cyber security threats out will not work. With breaches from both sides of the wall inevitable, financial institutions would do better to pare down their activities and focus on defending their core assets – including intellectual property and transactional systems.
Bankers should watch what they say in public, or risk a devastating computer network attack on their business from state-sponsored hackers. This was the stark warning offered by speakers at the FIX Trading Community conference in London yesterday.
At lunchtime on the African savannah, you needn’t be the fastest zebra to survive –you need to avoid being the slowest. You can only be sure you’re not the slowest zebra if you can see what the rest of the herd are up to. Efforts in software security to share information on attacks, responses, and best practices are important to understanding what the herd is doing …
To counter cyber-crime, an organisation must have a person providing leadership and oversight in the strategic planning, execution, and assessment of security strategies, policies, procedures and guiding practices. Ensuring compliance with legal obligations in respect of information and information security is also a key responsibility. What many companies need is a chief information security officer
In a joint international operation Europol’s European Cybercrime Centre seized servers said to have controlled the Ramnit botnet that had infected 3.2 million computers internationally. The operation involved investigators from Germany, Italy, the Netherlands, and the UK – which led the operation – along with partners from private industry.
Financial institutions are being urged to revisit their cyber-security following revelations that an online gang using the Carbanak malware stole up to $1 billion from banks in 30 countries around the world in a series of highly-sophisticated attacks over the last two years.
The cyber-attack on Sony Pictures at the end of last year highlighted something that IT and security people in financial services have known for some time – the modern networked environment is far less secure than most people are prepared to admit …
Protecting your banking infrastructure from cybercriminals is one of the toughest IT challenges in banking. It keeps getting harder, even though banks are working tirelessly to protect both customers and assets. Attacks are growing in size, and new developments such as the Internet of Things mean attack surfaces are growing, as well as the number of endpoints that can be used to launch attacks.
Lloyds Banking Group is to allow customers to upload images of identification documents required as part on an online account opening application, removing the need to visit a branch.
Initially the new electronic identification and verification checks, which will start to be rolled out to customers from next week, will be available to customers who want to add an additional party to an existing account.
It’s no secret that more bulge bracket trading desks are turning to online intelligence – predominantly social media – to obtain breaking news and views ahead of traditional wires. Yet, with constant pressure to get the edge over competitors, other departments of major investment banks will start following the trading floor’s lead.
Securities market regulators are beginning to clamp down on market abuse linked to complex high-frequency trading strategies – but there is much more to be done, according to a new report by financial consultancy Kinetic Partners.
A range of social, political, cultural and economic factors drives cyber attacks. How well banking and financial institutions understand the drivers for an attack and how effectively they respond in the 48 hours following the discovery of an attack has a major effect on the resultant impact.
With Sony the latest victim of hacking, large organisations are witnessing yet again how data breaches cause serious damage, to the tune of millions. The prevalence of hacking in the media begs the question, what’s in store for 2015?
As 2015 gets under way, it is time to take stock of some of the biggest challenges facing the banking industry this year – including cybercrime, cultural change, more stress testing, ever-increasing regulatory scrutiny and a troubled economic outlook in Asia, Europe and the Middle East.
One of the trends of 2014 was its delivery of technology that we had been promised for years but had fallen short until now. Siri, Cortana and Google Now all make good on the sci-fi staple of the voice-activated computer. Virtual reality has been attempted many times, but it seems that the Oculus Rift may have finally cracked it. And biometric authentication, while often included in devices but rarely used, is now commonly used by owners of new iPhones to unlock their devices thanks to Touch ID.
A platform for sharing cyber-security threat intelligence among financial services companies has been launched by US post-trade utility the DTCC and non-profit security organisation FS-ISAC. Called Soltra Edge, the platform gathers data about cyber-security threats and converts it into a standardised format for sharing.
As Bob Dylan, famously sang, The Times, They Are A-Changin’. Once, the tools required to carry out a bank raid usually comprised a shotgun, old stockings and a bag labelled “swag”. Today, it’s a laptop, computer programming skills and patience. And the nature of the crime is changing too – previously, the goal was often to get away with a few thousand pounds, before lying low for a while. Now, the “prize” sought may be the theft of millions or the personal details of thousands, to be then sold on.
Fraud and financial crime are growing substantially in their nature and complexity as we continue to evolve into an ever more connected world. New technologies, particularly the spread of mobile devices, have opened up different avenues of attack for technically sophisticated and well organised gangs of fraudsters and criminals. The social and economic costs of organised crime in the UK alone are estimated to be £24bn, of which £8.9bn are associated with fraud.
Greater information sharing and closer collaboration between the public and private sectors are needed to combat cyber-attacks, which are now the principal concern of the financial services industry, according to the DTCC. A top priority should be the creation of global industry working groups to engage with national regulators on the development of cyber-security regulations that address the real-time and evolving nature of cyber-threats.
The recent nomination of the British Banker’s Association as an intelligence node and source of benchmarks and practices in the UK’s financial infrastructure, via CBEST, has pushed the role of the banking sector in detecting and remediating breaches into the spotlight. So what can banks do to ensure their cyber defences are up to the task?
As banks develop new retail styles, they face new security challenges as the changing use of space in-store means surveillance and alarm systems must evolve in tandem.
Microsoft has begun a joint pilot project with the Financial Services Information Sharing and Analysis Centre (FS-Isac) to tackle financially-motivated cyber crime attacks, which are estimated to cost $100 billion a year in the US alone.
While the average bank heist averages $6000, a cyber-thief can make off with millions. Last year 552 million identities were breached, while every call about a compromised credit card costs a bank $4.
Barclays plans to offer corporate banking users a new security services based on Hitachi’s Finger Vein Authentication Technology from early next year and is considering introducing it to branches for consumers.
Regulators in Europe and the US are struggling to get to grips with trades that appear to be travelling back in time. Led by the UK’s National Physical Laboratory, new efforts are underway to synchronise time, with the help of atomic clocks.
The news last month (June) that the Luuuk malware had snared its first victim, an unnamed European bank, has again highlighted the magnitude of the challenge facing the banking sector. While the reported theft of €500,000 during the course of a week certainly does not break any records, the discovery of what is believed to be a variant of the feared Zeus malware, is just the latest in a line of increasingly sophisticated cyber attacks
With passwords continuing to attract widespread derision from consumers it seems that businesses are starting to listen to their customers and in recent weeks voice biometrics has been hitting the headlines, as the technology is set to replace the bane of so many people’s lives.
Firms looking to adopt cloud-based services should consider the security and data privacy implications associated with moving critical systems into the cloud, and not let vendors drive their technology strategies for them, according to Bank of England CIO John Finch.
“The fastest growing national security threat facing the [US], which also happens to face the financial services industry, is cyber-espionage, cyber-crime and cyber-terrorism” according to a former deputy and acting director of the Central Intelligence Agency, speaking at the SifmaTech conference in New York.
Specialist Java start-up Waratek has announced a security product intended to protect older Java code – which can contain five to 10 security vulnerabilities per 10,000 lines of code – from security breaches.
A major new effort spearheaded by the Bank of England and the UK Treasury has been launched to shore up the cyber defences of the UK financial services industry, amid rising concerns that testing has exposed serious unaddressed weaknesses.
As the number of cybercrime incidents increases, financial institutions and their corporate customers should take renewed steps to protect their data – including using tokenisation and hosted payments pages, according to a new report by Chase Paymentech.
Bank account fraud in the UK increased 48% in the first four months of this year, with a 57% rise in the number of identity frauds compared to the same period last year.
Confusion and concern over security is cited over and over again as the biggest barrier to widespread consumer uptake of mobile payments. And no wonder – confidence in the protection of sensitive cardholder data lies at the heart of trust in this technology. An EMV card as a physical asset is cryptographically secure. How can we emulate this security with something that is virtual?
