UK Banks Face Cyber Security Stress Test - Operation Resilient Shield

 

The City of London financial institutions' CIO's will soon be feeling the heat as the Bank of England rolls out it's new war-game to test the cyber-resilience of the UK's financial sector.

Banks will be subjected to a series of ‘attacks', designed to spot weaknesses in their network. Any holes found in the defences of the UK's finance industry will be rigorously prodded.

The operation, called Resilient Shield, will be coordinated by the UK's Computer Emergency Response Team, CERT - UK, the team devoted to managing major cyber-security incidents in the UK. The tests will also include US banks and test the communication between governments and  financial institutions.

Obviously, financial institutions are large, desirable targets for cyber-criminals, hacktivists and spies alike. In few places is that more the case than the UK, one of the world's centres of finance.  Some 90 percent of large UK companies reported a breach last year and cyber-criminals are increasingly targeting UK banks and customers.
Sir David Omand, the former director of GCHQ, told senior finance officials in July that their businesses are at major risk of becoming the victim of a geopolitical cyber-attack. Mark Carney, the governor of the Bank of England also warned the finance sector earlier this year of cyber-crime being a major threat to the City's financial stability.

Richard Brown, director of channels and alliances for Arbor Networks agrees. He told SCMagazineUK.com that “The financial services industry is a critical part of the UK economy and has always been a lucrative target for attackers because of the sheer value of the data held within it – after cloud and hosting providers, financial services are the most common target for DDoS attacks”

The post-game report for Operation Waking Shark II, this new operation's antecedent in spirit if not in name,  stated that, “The lessons learned will not only influence the finance sector's preparedness for a real-life cyber-event, but also serve as an example of how other sectors in the UK's finance industry can test their own capabilities in the future.” But has it really influenced their preparedness? Several reports have shown the cyber-security in the UK's banks is not yet up to scratch or in line with the threats that those institutions regularly face. Several high profile cyber-heists in the last year, have not helped that image.

The software company, Fujitsu, recently released a report with some interesting findings on the UK's financial sector. SC spoke to Rob Norris, UK director of enterprise and cyber-security at Fujitsu. He said that the financial services sector often operates with legacy systems that have been outdated but it's also a sector where the speed and complexity of innovation, like mobile and online banking, is hard to keep up with from a cyber-security point of view.  “CIOs in the banking industry are facing an unenviable challenge” says Norris, but, ”what is paramount is that the industry does not overlook or get complacent about security or place it in the “too big to fix” category. As the number of threats continue to increase exponentially – can the industry afford for it not to be the number one priority?”

Where Waking Shark II and previous industry tests like it have dealt with information sharing and coordination in the wake of a cyber-attack on a state level, the inclusion of US institutions means that Resilient Shield will widen the scope to include transatlantic coordination too. 
SC Magazine: http://bit.ly/1H1Njxo

 

 

« Where Next? Paris Attacks Show Mumbai Strikes Are Global Blueprint
Internet of Things will drive the Digital Revolution of Industry »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Computer Weekly

Computer Weekly

ComputerWeekly provides the latest news and analysis through its website and weekly digital magazine, as well as award-winning, exclusive premium content.

OpenDNS

OpenDNS

OpenDNS are the world's largest cloud-delivered Internet security network, making the Web safer for millions of homes, schools and businesses.

Payload Security

Payload Security

Payload Security's VxStream Sandbox is a fully automated malware analysis system.

Raz-Lee Security

Raz-Lee Security

Raz-Lee Security is the leading security solution provider for IBM Power i, otherwise known as iSeries or AS/400 servers.

SynerLeap

SynerLeap

SynerLeap is ABB's innovation growth hub. Our aim is to help startups accelerate and expand across industries, ranging from industrial automation and robotics to grid technologies and smart cities.

Pointer Brand Protection

Pointer Brand Protection

Pointer Brand Protection is committed to protecting brands of all sizes from a variety of online crimes.

K2 Cyber Security

K2 Cyber Security

K2 Cyber Security delivers the Next Generation Application Workload Protection Platform to secure web applications and container workloads against sophisticated attacks.

QuoIntelligence

QuoIntelligence

QuoIntelligence experts can help your team understand the evolving cyber threats and provide simple yet comprehensive recommendations so you can focus on what matters.