The Bank of England has called on the UK financial sector to beef up protection against cyber criminals.
Following a survey of 36 financial institutions, the Bank of England (BoE) said that although it hadn’t identified any immediate shortcomings, they found areas for potential improvement that should be addressed to keep the ever-increasing danger of cyber-attacks at bay.
“Cyber is a dynamic, intelligent and adaptive threat,” said Andrew Gracie, an executive director at the BoE in charge of winding down failed lenders. "All parts of an organisation need to understand cyber risk and their responsibilities towards improved cyber hygiene. This includes Board-level engagement.”
He said banks must invest in ways to identify threat and cyber-attacks, a task that should not be left just to junior ‘technologists’.
Craig Balding, group head of cyber risk at Barclays, said the bank was evolving its approach to cyber risk, making a distinction between cyber and technology systems.
"Cyber has the attention of our board, no question about it," he told the conference. "I don't know if we can ever be ahead of the threat as a commercial organisation."
Gracie said banks were already spending significant amounts of money on building their defences but they were not testing them on a regular basis.
To help banks improve their resilience, the BoE would facilitate sharing of information between them.
"We don't laugh when somebody else is getting hacked," Balding said.
Britain has previously conducted several cyber-attack simulation exercises such as the operation Waking Shark 1 and 2 to test responses.
A joint testing programme between the US and UK governments and authorities will start later this year.