21 December 2014

66810

Marc Lee - Courion

8Posts 20,121Views 0Comments

Cyber Security: the Biggest Threat to the UK Banking Sector?

16 October 2013  |  3302 views  |  0

Next month the UK Government is launching one of the most extensive cyber threat exercises, which will test how prepared financial systems are  to survive a sustained online attack.

The move comes after a senior official at the Bank of England warned earlier this year that cyber attacks are the top risk for UK banks. The warning was confirmed by a report from KPMG highlighting that cyber attacks could cause the next systemic shock to the UK banking industry. 

These warnings beg a very important question. If cyber risk is one of the top concerns for financial organisations, what’s stopping them from mitigating these risks to a point that they don’t pose a major threat to their business?

To be able to answer this question, we need to understand the environment in which financial organisations operate. Today’s banks need to manage access to sensitive data across multiple devices, users, in-house and cloud applications. This creates billions of identity and access relationships between the organisation and its stakeholders, third party suppliers, remote workers, customers and so on. The result is a pool of Big Identity Data that is difficult to understand and manage and opens the door to cybercriminals looking to hijack legitimate user credentials to gain access to critical data and applications.

The problem is further exacerbated by the complexity of user relationships and IT systems within large financial organisations and the lack of clear view into how these user relationships are changing as employees move, leave or get recruited into the organisation. Traditionally organisations tend to re-assess user privileges every three, six or even twelve months.  This creates a dangerous gap between user provisioning and access certification where changes in access privileges can remain undetected for months, preventing IT staff from restricting unauthorised access to sensitive information.

To close this gap, organisations need to more effectively leverage the data insight generated from all these user relationships and use this insight to proactively monitor, assess and mitigate access risk. Real-time access intelligence can help organisations understand where the greatest access risk vulnerabilities lie and identify the causes of these issues by analysing multiple risk factors. This, coupled with the ability to detect unauthorised access as it occurs, will enable banks to quickly spot suspicious user behaviour and act upon it immediately to mitigate security risk.

 

TagsSecurityRisk & regulation

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Latest posts from Marc

It’s time to wake up to the insider threat

08 May 2014  |  1200 views  |  0  |  Recommends 0 TagsSecurityRisk & regulation

Who’s to blame for the breach?

06 March 2014  |  1948 views  |  2  |  Recommends 0 TagsSecurityRisk & regulation

PCI Compliance: not just a tick box exercise

24 February 2014  |  1956 views  |  0  |  Recommends 0 TagsSecurityInnovation

Boiling the Ocean

22 November 2013  |  3325 views  |  0  |  Recommends 0 TagsSecurityRisk & regulation

Cyber Security: the Biggest Threat to the UK Banking Sector?

16 October 2013  |  3302 views  |  0  |  Recommends 0 TagsSecurityRisk & regulation

Marc's profile

job title EMEA Sales Director
location London
member since 2013
Summary profile See full profile »
I'm responsible for growing Courion's business across EMEA and building sales and channel programmes in the region.

Marc's expertise

What Marc reads
Marc writes about

Who is commenting on Marc's posts

Ketharaman Swaminathan