Bank of England: Cyberattacks A 'Clear and Present Danger'

The Bank of England’s chief information-security officer said cyber-attacks are an ongoing danger for firms and building defenses isn’t just a technical issue.

In a speech in London, Will Brandon said executives must “get away from the perception that cyber is just a technology problem that can be solved entirely through engineering solutions.” That’s because hackers can take advantage of people within companies to gain access to systems, he said.

“Attackers tend to exploit the credulity or laxity of their targets to achieve their ends,” he said at the recent City Week conference. “And while some can and do develop highly technical attacks, for the most part these are facilitated in some way by people or process weaknesses in their victims’ defenses.”

The BOE’s Financial Policy Committee consistently includes cyber risk as a potential threat in its regular reports on financial stability and has said that a breach of a major bank would likely affect the whole industry. In March, it said there was some evidence of an increase in the frequency and scale of distributed denial of service attacks against UK financial institutions in recent months.

Brandon said that while it’s not clear if this is the biggest threat to the financial services industry, “you don’t have to be one of the recent, high profile corporate victims of a cyber-attack to realize that cyber is a clear and present danger -- even if the threat is often unclear and perpetrators notably absent.”

Information- Management

« Global 'Terror Database' Leaked
Your Server Has Been Hacked… What Next? »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DMH Stallard

DMH Stallard

DMH Stallard is a mid-market law firm. Areas of expertise include cyber security and cyber crime.

Puppet

Puppet

Puppet is a leader in IT automation. Our software helps DevOps securely automate configuration and management of machines and the software running on them.

Sqreen

Sqreen

Sqreen is a web application security monitoring and protection solution helping companies protect their apps and users from attacks.

Database Cyber Security Guard

Database Cyber Security Guard

Database Cyber Security Guard (aka Don't Be Breached) informs Security Professionals and DBAs of Zero Day, Ransomware and Data Breach attacks within milli-seconds

SAFECode

SAFECode

SAFECode is a global industry forum where business leaders and technical experts come together to exchange insights on creating, improving, and promoting effective software security programs.

Berezha Security Group (BSG)

Berezha Security Group (BSG)

BSG is a cybersecurity consulting firm specializing in all aspects of application security and penetration testing.

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER) conducts full spectrum military cyberspace operations in order to enable freedom of action in cyberspace and deny the same to the adversary.

Naq Cyber

Naq Cyber

Naq is the number one platform for SMEs looking to become legally compliant and protect against cybercrime and other data-related incidents.

Sentryc

Sentryc

Sentryc provides automated monitoring of brands on online marketplaces and social media making online brand protection processes faster, more clearly structured and more efficient.

Castlepoint Systems

Castlepoint Systems

Castlepoint Systems is a pioneer in information governance, risk and compliance as a service. An all-in-one solution offering powerful risk management, built in compliance, cybersecurity and audit.

Stack Identity

Stack Identity

Stack Identity protects access to cloud data by prioritizing identity and access vulnerabilities via a live data attack map.

OxCyber

OxCyber

OxCyber's mission is to ignite and encourage cybersecurity and technology growth in the Thames Valley through meetings, webinars, in person events, workshops and mentorship programs.

Invisily

Invisily

Invisily makes enterprise and cloud computing resources invisible to attackers with zero trust solutions, making them visible only when needed to only those who need them.

eTech S.C.

eTech S.C.

eTech specialize in a broad range of technology solutions, including software development, cybersecurity, infrastructure, and IT outsourcing (ITO) services.

Breeze Security

Breeze Security

The Breeze Platform acts as a defense coordinator, unifying security across identities, endpoints, cloud, and data to expose real attack paths, orchestrate remediation, and detect threats.

Arksentry

Arksentry

ArkSentry is a modern penetration testing platform powered by highly vetted security experts. We make pentests easier, faster, and more affordable with powerful integrations built for today.