Europe's financial institutions have been told by regulators that they must protect their IT budgets in order to guard against the growing threat of cyber attacks.
The financial sector saw an uptick in cyber-attacks during 2013 as hackers probed IT system vulnerabilities in bids to access customer data for financial gain or to disrupt services. Download the document now 1.3 mb (PDF File)
With this in mind and the threat only likely to grow, IT systems should be safeguarded against any budget cuts, warns the Joint Committee of the European Supervisory Authorities (ESAs) in its latest report on the risks and vulnerabilities in the EU system.
Firms and their supervisors need to regularly assess their tech security and cyber resilience, integrating them into their risk models, says the committee, made up of representatives from the European Securities and Markets Agency, European Banking Agency and the European Insurance and Occupational Pensions Authority.
With cyber and IT risk a crucial part of operational risk, companies should consider holding capital against them, although the committee says that this is no substitute for good practice in the first place.
The report highlights the risks posed to IT security by outsourcing and reliance on cloud computing as well as consolidation in the financial sector as merged firms try to integrate systems.
Another concern is the rush to roll out new products - particularly in the mobile sphere - without carrying out sufficient testing.
As well as improving their internal controls, companies also need to work closely with each other and with regulators to set up clear frameworks and protocols for sharing information and best practice, concludes the report.
Read the full report: