close

News WrapGet Handpicked Stories from our editors directly to your mailbox

Bank of England calls for ''super shield'' against cyber attacks

Britain may need to copy the United States in building a "super shield" against catastrophic cyber attacks or major IT glitches that could cripple the finance industry, a senior Bank of England official said on Tuesday. 

Bank of England calls for ''super shield'' against cyber attacks
Disruption from last year`s IT upgrade at TSB bank served as an important reminder that banks need to be resilient to a wider range of operational issues than cyber, Strange said. Reuters
By Reuters
Updated: Tue, May 14, 2019
04:50 pm
London, Reuters
RELATED NEWS
UK PM May seeks $34 billion boost for education UK PM May seeks $34 billion boost for education
UK should be 'cautious' about further minimum wage rises - think tank UK should be 'cautious' about further minimum wage rises - think tank
No 'May' in June! UK Prime Minister Theresa to quit after three years of failure to deliver Brexit No 'May' in June! UK Prime Minister Theresa to quit after three years of failure to deliver Brexit
Ravi Mehta, Indian-origin hedge fund boss, breaks rental record in UK Ravi Mehta, Indian-origin hedge fund boss, breaks rental record in UK
UK economy grows as pre-Brexit stockpiling lifts factories UK economy grows as pre-Brexit stockpiling lifts factories

Britain may need to copy the United States in building a "super shield" against catastrophic cyber attacks or major IT glitches that could cripple the finance industry, a senior Bank of England official said on Tuesday. The BoE is already taking action to ensure that banks, insurers and other financial firms can minimise the impact of cyber attacks or technology outtages on customers and recover as soon as possible. But Nick Strange, BoE director of supervisory risk specialists, said individual firms may not be able to meet minimum requirements for restoring services like payments within the timescales to be set and tested by the Bank.

"It this were the case, then it would either fall to the public or private sector to come up with a collective solution," Strange told a conference on operational risk. "In the U.S., a private sector initiative has been set up called Sheltered Harbor to protect customers, financial institutions and public confidence in the financial system if a catastrophic event like a cyber attack causes critical systems, including backups, to fail." Under the industry-led, not-for-profit scheme launched in 2015, companies provide copies of customer account data to a centrally maintained vault.

Companies can designate other companies to restore critical customer data if they suffer a major hack or outage that they cannot recover from quickly. "Although yet to be tested in a real cyber event, this shows that by working together innovative and ambitious solutions can be initiated within the sector itself," Strange said. Later this year, the Bank will pilot a cyber stress test of financial companies that includes an "impact tolerance" to assess how many customers and payments would be hit by an outage, and how quickly services could recover.

Disruption from last year`s IT upgrade at TSB bank served as an important reminder that banks need to be resilient to a wider range of operational issues than cyber, Strange said. "We will be working with a small number of firms to `test the test`," Strange said.