Senior security staff at banks are confident in their cyber security activity despite one-third of attempts by cyber criminals to breach these defences being successful.
A survey of security executives at 275 global banks by Accenture revealed that 78% were confident in their overall cyber security strategy. More than half (51%) said they would be able to identify the cause of a breach, 51% said they could measure the impact and 50% said they could manage the financial risk caused by a cyber security event.
But on top of daily phishing, malware and penetration attacks, banks faced an average of 85 serious attempts to breach their cyber defences over the previous 12 months, and 36% of these attacks succeeded in stealing some data, the report revealed. Also, the banks were slow to spot breaches, taking an average of 59 days to detect one.
Almost half (48%) of the executives surveyed thought internal breaches had the biggest impact, and 52% said they were not confident in their organisation’s ability to detect breaches through internal monitoring.
“Bank executives are clearly confident when it comes to their cyber security capabilities, but there is still much work to be done,” said Chris Thompson, senior managing director and head of financial services cyber security and resilience at Accenture Security.
“Most cyber security assessment programmes, while well-intentioned, are highly theoretical and based on known cyber attack practices. The reality, however, is very different. Fast-moving, dynamic threats are creating new challenges every day. Banks should focus on deploying practical testing scenarios that focus inside the perimeter to ultimately make the crooks’ job as difficult as possible.”
The survey identified the importance of raising staff awareness of security risks, finding that 99% of respondents were alerted to many breaches by their employees.
But banks could face a challenge in the coming years because of a lack of cyber security skills, according to the research.
Banks said they expected skills shortages in endpoint/network security (61%), incident response (53%) and vulnerability management (53%).
“While defending the perimeter is crucial, it is often the people inside the walls that present the biggest risk, but also the biggest weapon in the fight for resiliency,” said Thompson.
Speaking to Computer Weekly in January this year, one cyber security expert in the UK banking sector said the speed at which a crisis could develop after a cyber attack posed a major challenge. “The financial crises in the past took months or years to build up, so if regulators are paying attention, there is time to prepare,” he said. “But in the case of a successful cyber attack, it can happen in a matter of minutes with no prior warning, so the shock may be greater.
“Banks are attractive targets and they are under a constant barrage of cyber threats, so purely on the basis of statistics, if there are millions of attempts every year, there is a fair chance a few major incidents will take place.”
Cyber security expert Richard Benham, a visiting professor at the University of Gloucestershire, warned recently that a major bank will not recover from a cyber attack this year.
He said there would be a run on a bank following a cyber attack. This would also see customers withdraw their money because of a loss of confidence, leaving the bank in breach of solvency rules.