Contactez-nous Suivez-nous sur Twitter En francais English Language

De la Théorie à la pratique

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Finance industry remains vulnerable to cyber attacks

October 2013 by MWR InfoSecurity

Financial firms could be missing out on attack paths to key industry infrastructure, leaving the sector vulnerable to a major cyber attack, IT security firm MWR InfoSecurity has warned.

The company issued the warning after the Bank of England and the Treasury urged board directors in the financial industry to draw up plans to address the increasing threat levels from cyber attacks.

Alex Fidgen, director at MWR InfoSecurity, said: “Whilst the issue of improving security is a complex one, it should be focussed around an asset based approach. Emphasis has to be made in protecting key industry infrastructure, such as payment systems, by blocking all attack paths leading to it, and this can only be achieved by thorough assessment of a company’s assets.”

“In order for the finance industry to understand where security can be improved, they must adopt assessments that replicate some of the attack methods used by more sophisticated attackers, which are often state sponsored.”

He added: “If they miss this stage out, they will not identify how best to defend and will not only waste funds and resources protecting the wrong assets but they will be at serious risk of being hacked.”

Fidgen said that these sorts of measures should apply not only to UK banks but also to any financial institution operating in the EU, especially as the EU still provides Safe Harbour.

The adoption of advanced defensive programmes is likely to provide these financial institutions with a competitive advantage.

Fidgen added: “More to the point, a demonstrable defence programme will enable financial institutions to pro-actively satisfy regulatory authorities that their asset book can be value assessed accurately, and potentially argue for lower Capital to Asset ratios under legislation such as Basel III.”

About MWR InfoSecurity MWR InfoSecurity is one of the world’s leading information security consultancies. The firm specialises in identifying, managing and mitigating information security risks.

MWR has been advising organisations in this area and working with them to undertake exercises to under the potential impact of such attacks and how they can be defended.

See previous articles


See next articles