18 October 2017
Register now

BofE unveils cyber-security framework

10 June 2014  |  8118 views  |  0 Bank of england

The Bank of England has set out a new framework designed to test for cyber vulnerabilities at financial institutions.

Several UK banks have been hit by cyber-attacks over the last year, pushing the issue up the agenda both for institutions and regulators, with the BofE telling firms to put concrete action plans in place to protect themselves.

Now the central bank has also unveiled the CBEST framework, which uses intelligence from government and accredited commercial providers to identify potential attackers to a particular financial institution.

It then replicates the techniques these potential attackers use in order to test the extent to which they may be successful in penetrating the defences of the institution. When the tests are completed, there will be workshops for the firms involved to work through the results with the testers and supervisors.

The BofE says that by using real threat intelligence, CBEST will help banks, infrastructure providers and regulators improve their understanding of the types of cyber-attacks that could undermine the UK's financial stability and how vulnerable the industry is to them.

In a speech unveiling the framework, Andrew Gracie, executive director, resolution, BofE, says: "The results should provide a direct readout on a firm's capability to withstand cyber-attacks that on the basis of current intelligence have the most potential, combining probability and impact, to have an adverse impact on financial stability."

The framework, which banks can sign up to on a voluntary basis, was put together by the BofE with the Council for Registered Ethical Security Testers (Crest), a not-for-profit organisation that represents the technical information security industry and Digital Shadows, a cyber-intelligence vendor.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

New York to step up assessment of bank cyber-security plans

New York to step up assessment of bank cyber-security plans

08 May 2014  |  10898 views  |  0 comments | 10 tweets | 8 linkedin
SEC to conduct market-wide cyber-security checks

SEC to conduct market-wide cyber-security checks

16 April 2014  |  6037 views  |  0 comments | 3 tweets | 3 linkedin
As cyber threat grows, EU regulators warn FS firms on IT budgets

As cyber threat grows, EU regulators warn FS firms on IT budgets

03 April 2014  |  6730 views  |  0 comments | 9 tweets | 2 linkedin
White House sets out voluntary cybersecurity framework

White House sets out voluntary cybersecurity framework

13 February 2014  |  5821 views  |  0 comments | 12 tweets | 8 linkedin
BofE says banks under cyber-attack

BofE says banks under cyber-attack

29 November 2013  |  5988 views  |  0 comments | 10 tweets | 7 linkedin
London banks embark on 'Waking Shark 2' cyber war games

London banks embark on 'Waking Shark 2' cyber war games

12 November 2013  |  5850 views  |  0 comments | 3 linkedin

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.vasco.com Register now

Top topics

Most viewed Most shared
Ripple looks to drive bank adoption with $300m XRP rebate programmeRipple looks to drive bank adoption with $...
15144 views comments | 12 tweets | 4 linkedin
Swift positive on blockchain, but big challenges remainSwift positive on blockchain, but big chal...
8358 views comments | 15 tweets | 21 linkedin
hands typing furiouslyHow artificial intelligence can deliver a...
7857 views 0 | 7 tweets | 9 linkedin
satelliteGates Foundation backs Ripple collaboratio...
7285 views comments | 13 tweets | 8 linkedin
IBM uses blockchain to improve cross-border payments processingIBM uses blockchain to improve cross-borde...
6439 views comments | 8 tweets | 16 linkedin

Featured job

Competitive base, double ote, benefits
London, UK

Find your next job