BofE sends hackers in to test nationwide cyber security

BofE’s cyber security framework could be extended to sectors including power, energy and telecoms, suggests insider

 
Ready for the war against cyber terrorism: the Bank of England has revealed details of its CBEST initiative - a series of 'hacker-style' tests that will expose any flaws in the online systems of financial institutions
Ready for the war against cyber terrorism: the Bank of England has revealed details of its CBEST initiative - a series of 'hacker-style' tests that will expose any flaws in the online systems of financial institutions 
Banking | Central Banking
Author: Charlotte Gill

Top 5

  1. Top 5 forces that will shape international finance in 2023
  2. Top 5 female-fronted fintech firms
  3. Top 5 Latin American tech hubs
  4. Top 5 sustainability pioneers in Europe
  5. Top 5 keys to global economic recovery
  6. Top 5 WFH habits, according to the world’s most successful business leaders
  7. Top 5 pandemic-proof industries
  8. Top 5 countries to be world’s next manufacturing hubs
  9. Top 5 most influential and inspirational US economists
  10. Top 5 ways to boost employee engagement and commitment
  11. Top 5 financial services that are ripe for automation
  12. Top 5 ways that GDPR has impacted digital banking
  13. Top 5 emerging fintech hubs across the globe right now
  14. Top 5 ways that the finance industry can prepare for AI
  15. Top 5 economic risk factors that must be considered

In an effort to boost security, The Bank of England has created a new testing framework to highlight vulnerabilities in cyber systems across financial institutions.

The first of its kind, CBEST involves a series of tests designed to replicate hacker behaviour and expose any holes in an organisation’s online security. Examinations are to be carried out by nine intelligence firms and were comprised using information from government intelligence units and security experts.

At a price of £100,000 to firms, CBEST could be a very wise investment

So far 18 companies have agreed to partake in the initiative, with the results expected to pinpoint what information hackers can gain access to, and the damage they can wreak with it.

“If you look at testing historically, it’s quite focused on tech information which businesses find hard to interpret,” said James Chappell, Chief Technology Officer at Digital Shadows, one of the intelligence firms taking part in CBEST.  “We’re looking for real evidence of cyber activity online.”  Chappell says that CBEST will be a “collaborative approach to improve the resilience of these organisations”, and that in future other sectors such as “power, energy and telecoms” could benefit from the technology.

The framework comes a year after the banks’ financial committee urged the industry to step up its cyber security. Only recently The Royal Bank of Scotland revealed that its online platform was hacked into, and another unidentified London-listed company lost £800m after a cyber attack several years ago. Internet security company McAfee reports that the global cost of cyber crime is £266bn. At a price of £100,000 to firms, CBEST could be a very wise investment indeed.

Chappell emphasises that the results of each test will vary from institution to institution in terms of “the type of threat and the level of resistance.” Tests on firms begin this summer, and will continue annually on a voluntary basis. Chappell believes that correcting system weaknesses will be about the banks “using what they have in a more effective way”, rather than “investing in new technologies”.

Related:
  1. Decoding DORA: Navigating the digital regulatory landscape
  2. Building BRIC by BRIC
  3. The quantum joke
  4. Blue bonds could be the answer to financing sustainable development
  5. Tax challenges at the top
  6. We need to talk about bank supervision
  7. Is it time for a coffee cartel?
  8. The sun is setting on Saudi oil
  9. IMF reckoning on fallout with rogue nations
  10. The looming pensions dilemma