cyber security

Bank of England and Treasury set banks cyber security deadline

Karl Flinders

Directors at banks and organisations core to the financial system have six months to outline their strategies to protect against potential cyber attacks, according to the minutes of a recent Bank of England Financial Policy Committee (FPC) meeting.

The FPC is demanding that board members address this rather than passing responsibility to IT departments.

41362_Bank-of-England.jpg

The meeting minutes referred to a recent report from the Treasury on the progress being made to make the financial system more resilient to cyber attack – it said “the threat had many dimensions and was growing”.

“The financial system had a number of potential vulnerabilities, reflecting its high degree of interconnectedness, its reliance on centralised market infrastructure, and its sometimes complex legacy IT systems,” read the FPC meeting minutes.

The committee said effective steps had been taken, including general guidance on best practice, and the approach outlined by the Treasury was moving things in the right direction.

But it now wants a “concrete plan in place to deliver a high level of protection against cyber attacks for each institution at the core of the financial system, including banks and infrastructure providers, recognising the need to adapt to evolving threats”.

It recommended that these action plans was completed by the first quarter of next year and that a progress report to the FPC from the relevant regulatory boards be completed by the end of 2013.

During the meeting, the Bank of England said it planned to review its own resilience in relation to cyber attacks.

One security source said the UK financial system is continuously under cyber attack.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy