6 October 2014

Financial Services Are ‘at War’ With Cyber Criminals, Citigroup Says




Financial services companies are “at war” with cyber criminals, Citigroup says. 

Bloomberg News

The financial services sector is “at war” when it comes to cyber-security, according to a senior [wsj-ticker ticker=”C” onlinesignificance=”passing-mention” name=”Citigroup” postfix=”" executive, who said the bank faced attacks 10 million times a month.

Speaking on a conference panel in Boston about cyberthreats, Charles Blauner, global head of information security at Citigroup, said the way financial institutions respond to attacks was crucial.

He said: “You are going to get hacked. The bad guy will get you. Whether you are viewed as a success by your board of directors is going to depend on your response.”

Banks needed to balance their spending on prevention, detection and response plans, he said. Citi’s security team has established an “advanced adversaries” team that is charged with thinking about the “unknown unknowns” and detecting signs of potential attacks.

A poll of more than 150 audience members found that 23% felt their firm was unlikely or very unlikely to be a victim of a cybercrime, which the panellists found worrying.

For sophisticated financial institutions, cyberthreats were not just about criminals stealing money, the industry experts warned. Firms face threats from hackers including foreign governments, terrorists and activists interested in a range of information, including client data, mergers and acquisitions activity, trades and capital markets deals.

David Wagner, president of software firm Entrust, said the number of cyberattacks should increase for firms as their information security systems become more sophisticated, because it means they are catching more problems.

James Kaplan, a principal at consultancy McKinsey & Company, acknowledged that it was “extraordinarily hard” for firms to respond to breaches because it involved working with customers, regulators and employees.

Blauner said there should be some regulation or standards for telecommunications, power and the IT sector that financial firms could depend upon. He said: “My biggest fear is that the level of due care we do in financial services isn’t matched by some of the industries we rely on.”

This article first appeared in our sister publication Financial News.

No comments: