Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Blog article
See all stories »

Channels

Security Regulation & Compliance
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Cyber Security: the Biggest Threat to the UK Banking Sector?

Next month the UK Government is launching one of the most extensive cyber threat exercises, which will test how prepared financial systems are  to survive a sustained online attack.

The move comes after a senior official at the Bank of England warned earlier this year that cyber attacks are the top risk for UK banks. The warning was confirmed by a report from KPMG highlighting that cyber attacks could cause the next systemic shock to the UK banking industry. 

These warnings beg a very important question. If cyber risk is one of the top concerns for financial organisations, what’s stopping them from mitigating these risks to a point that they don’t pose a major threat to their business?

To be able to answer this question, we need to understand the environment in which financial organisations operate. Today’s banks need to manage access to sensitive data across multiple devices, users, in-house and cloud applications. This creates billions of identity and access relationships between the organisation and its stakeholders, third party suppliers, remote workers, customers and so on. The result is a pool of Big Identity Data that is difficult to understand and manage and opens the door to cybercriminals looking to hijack legitimate user credentials to gain access to critical data and applications.

The problem is further exacerbated by the complexity of user relationships and IT systems within large financial organisations and the lack of clear view into how these user relationships are changing as employees move, leave or get recruited into the organisation. Traditionally organisations tend to re-assess user privileges every three, six or even twelve months.  This creates a dangerous gap between user provisioning and access certification where changes in access privileges can remain undetected for months, preventing IT staff from restricting unauthorised access to sensitive information.

To close this gap, organisations need to more effectively leverage the data insight generated from all these user relationships and use this insight to proactively monitor, assess and mitigate access risk. Real-time access intelligence can help organisations understand where the greatest access risk vulnerabilities lie and identify the causes of these issues by analysing multiple risk factors. This, coupled with the ability to detect unauthorised access as it occurs, will enable banks to quickly spot suspicious user behaviour and act upon it immediately to mitigate security risk.

 

5289

Channels

Security Regulation & Compliance
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Report abuse

Comments: (0)

Join the discussion

Member since

0

Location

0

More from member

Community
See all blogs »
Fintech 

How innovation in encryption is helping secure the credit card approval process

Ghazi Ben Amor

Ghazi Ben Amor

Operational Risk Management 

DORA – Navigating the EU’s Operational Resilience Landscape

Antony Fung

Antony Fung

Fintech 

The importance of risk management in trading

Kate Leaman

Kate Leaman

Digital Identity Management 

Navigating the digital identity landscape: A blueprint for financial services competitiveness

Adam Preis

Adam Preis

Now hiring

See more