Bank of England Testing Banks' Cyber Resilience

Britain's banks will have to show they could recover from a cyber-attack within hours to avoid customer payments being delayed to the next day, the Bank of England has announced 

The BoE said it would hold a pilot cyber stress test of lenders mid-2019 but individual results won't be published. The "severe but plausible" test will look at how banks' could withstand a cyber-attack and how quickly they would recover so that payments can continue.

The pilot test will look at the payments system of a bank going down, but future tests would also likely include data being corrupted, the BoE's Financial Policy Committee (FPC) said.

Banks, which the BoE did not name, will have to show that payments made on the day of the theoretical cyber-attack are completed that day.

"The pilot exercise would be launched in the summer. Ahead of that the Bank would engage with firms to arrange appropriate and proportionate coverage of the pilot exercise," the FPC said.

It also said that this year's annual stress test of major banks for resilience to market and economic shocks would be largely in line with the 2018 exercise, a nod to the Bank's view that lenders hold enough capital in general.

There would also be no major change to the thresholds that banks must stay above to pass the test without having to find more capital. The results are published in the fourth quarter. Next year's stress test will include CYBG bank, and the standalone ring-fenced arms of the main lenders.

Euronews:            Image: Nick Youngson

You Might Also Read:

Banks Attacks Up Sixfold Last Year:

Barclays Fights Off Cyber-Attacks Daily:

« Qbot Banking Malware Can Infect Cybersecurity Firms
WordPress Comprises 90% Of Hacked Sites »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC - JAMK University of Applied Sciences

JYVSECTEC is a cyber security research and development and training centre

Concise Technologies

Concise Technologies

Concise Technologies provide specialist IT and telecoms solutions, support services, managed backup, disaster recovery, cyber security and consultancy to SME businesses across the UK and Europe.

CIRT.GY

CIRT.GY

CIRT-GY is the national Computer Incident Response Team for Guyana.

MailXaminer

MailXaminer

MailXaminer is an advance and powerful email investigation platform that scans digital data, performs analysis, reports on findings and preserves them in a court validated format.

NPCore

NPCore

NPCore is specialized in defense solution against unknown APT and Ransomware and provides two-level defense on network and endpoint based on behavior.

Neoteric Networks

Neoteric Networks

We deliver a no nonsense procedure to implementing technology. The technology selection process ensures that all customers enjoy an engineered methodology implementing technology.

GuardRails

GuardRails

GuardRails provides continuous security feedback that empowers developers to find, fix, and prevent vulnerabilities.

ISA Security Compliance Institute (ISCI)

ISA Security Compliance Institute (ISCI)

ISCI, a not-for-profit automation controls industry consortium, manages the ISASecure™ conformance certification program for industrial automation and control systems.

ToucanX

ToucanX

ToucanX has eliminated remote attack vectors without sacrificing productivity. We’ve brought embedded near real time virtualization to the enterprise endpoint.

Diaplous Group

Diaplous Group

Diaplous Group is a leading Maritime Risk Management (MRM) provider, delivering specialized services to an ever-broadening portfolio of shipping, oil & gas, energy and construction industries.

US Coast Guard Cyber Command

US Coast Guard Cyber Command

US Coast Guard Cyber Command’s focus is to ensure the security of our cyberspace, maintain superiority over our adversaries,and safeguard our Nation’s critical maritime infrastructure.

Def-Logix

Def-Logix

Def-Logix was founded in 2008 to help solve cyber threats being experienced by government agencies of the United States.

Cybergroot

Cybergroot

Cybergroot provides Cybersecurity Assessment services and professional Information Security trainings.

Quartz Network

Quartz Network

Quartz Network is a curated community for change-makers, up-and-comers, and professionals who are ready to grow, adapt, and thrive.

ID North

ID North

ID North is a Nordic service provider offering identity security to its customers by providing world class expertise and best-in-class solutions and services.

Appranix

Appranix

Appranix delivers Cloud App Resilience with app-centric entire cloud resources backup, restore, and cross-region disaster recovery.