Last week the banking industries in both the UK and the US separately announced that they were launching dedicated software platforms to warn institutions of new threats from cyber criminals, fraudsters and terrorists. In the UK the Financial Crime Alerts Service will pool intelligence from a dozen government and law enforcement agencies, including the National Crime Agency, and share it with teams already working inside the banks to combat fraud, cyber crime, terrorism financing, money laundering and bribery. In the US the more extravagantly named Financial Services Information Sharing and Analysis Center will facilitate the sharing of information about cyber attacks between the banks and other critical infrastructure companies taking part in the scheme.
Concern about possible attacks on financial systems has been heightened after this summer’s infiltration and theft of data from computer systems at JPMorgan Chase, which according to some reports may even have been state-sponsored, with its origins in Russia. The British Bankers Association says that their new platform will build on the existing scheme between the banks and the National Fraud Intelligence Bureau, which has already prevented more than £100m of fraud losses through information-sharing.
These developments highlight the importance of a couple of things for me. The first is the scale of the business disruption risk that big financial institutions now see to their operations from cyber crime and the consequent amount of effort that they are prepared to put into defending against the threat to their business continuity. A recent paper from the Bank of International Settlements found that the UK financial sector was spending more than £700m annually on cyber security. Banks don’t spend that kind of money if they are not seriously worried. And if they are worried then everyone else should also be worried about the threat that cyber crime could pose to their own operations.
The second issue this highlights for me is the importance of information sharing about possible business continuity or business disruption threats and the need for secure platforms that can be used to rapidly communicate with employees or other stakeholders in order to provoke a proactive response from them to counter the threat. With this in mind, the launch of our own Crises-Control business continuity app could not be more timely, and I am very excited about the reception it will receive when we launch it at the BCI World Conference and Exhibition at London Olympia in November.