Bank of England: Cyberattacks A 'Clear and Present Danger'
The Bank of England’s chief information-security officer said cyber-attacks are an ongoing danger for firms and building defenses isn’t just a technical issue.
In a speech in London, Will Brandon said executives must “get away from the perception that cyber is just a technology problem that can be solved entirely through engineering solutions.” That’s because hackers can take advantage of people within companies to gain access to systems, he said.
“Attackers tend to exploit the credulity or laxity of their targets to achieve their ends,” he said at the recent City Week conference. “And while some can and do develop highly technical attacks, for the most part these are facilitated in some way by people or process weaknesses in their victims’ defenses.”
The BOE’s Financial Policy Committee consistently includes cyber risk as a potential threat in its regular reports on financial stability and has said that a breach of a major bank would likely affect the whole industry. In March, it said there was some evidence of an increase in the frequency and scale of distributed denial of service attacks against UK financial institutions in recent months.
Brandon said that while it’s not clear if this is the biggest threat to the financial services industry, “you don’t have to be one of the recent, high profile corporate victims of a cyber-attack to realize that cyber is a clear and present danger -- even if the threat is often unclear and perpetrators notably absent.”