Data/Cyber

The blockchain is coming

in ,

BY Richard Summerfield

In recent years, many industries have been turned on their head by disruptive new technologies. According to a new report from EY, the blockchain is the latest development with the potential to revolutionise business practices across a wide spectrum of industries.

The report, 'Blockchain reaction: Tech plans for critical mass', identifies the blockchain’s potential uses and the threat it could pose to existing business models and practices.

“To date, blockchain has transformed only people’s thinking,” said Channing Flynn, EY’s global technology sector leader, tax services. “We don’t yet even know all the questions blockchain technology will raise, much less the answers. But waiting for the technology to take hold is too late. Now is the time to start defining the questions and influencing policy that will lead to answers.”

Cyber security could be hugely affected by the rise of the blockchain. As Paul Brody, EY’s Americas strategy leader technology sector, notes: “Blockchain shifts cyber security from depending on one to depending on many, and a large volume of people are much more trustworthy than any one individual.”

Furthermore, the blockchain has the potential to transform many industries, particularly those that rely on trusted intermediaries or that currently require strong central authorities to carry out transactions. It could replace those institutions with algorithmically based trust among peers, similar to the Bitcoin system, the most pre-eminent cryptocurrency, which has begun to flirt with the fringes of the mainstream.

Should the blockchain be fully embraced by organisations, however, it could do so much more. According to EY, the technology has the ability to disrupt business models and processes, as well as supply chains and customer relationships throughout the global economy.

With this in mind, companies that were slow to respond to the challenges and opportunities presented by the dawn of the mobile era and cloud computing need to embrace the disruptive and transformative elements of the blockchain. Failure to do so could see them pay the price down the road.

Report: Blockchain reaction: Tech companies plan for critical mass

Three-quarters of FIs hacked during last two years, claims new KPMG report

in , ,

BY Fraser Tennant

A hard-hitting report released this week makes the startling claim that three-quarters (almost 8 in 10) of financial institutions (FIs) have experienced a cyber attack in the past two years, leading to many personal bank accounts being compromised.

The report, KPMG’s ‘Consumer Loss Barometer’, states that despite the financial services sector being proactive when it comes to matters of information security, more than one-third of consumers have said that their personal bank accounts have been compromised.

Furthermore, the report reveals that the vast majority of consumers would change banks if their provider of financial services did not take the proper steps to deal with the consequences of a cyber attack.  

“Financial institutions have a real opportunity to solidify trust with their customers by demonstrating that security is a strategic imperative, and that they are taking every possible precaution to protect consumers,” said Jitendra Sharma, KPMG’s advisory line of business leader, financial services. “Consumers have a lot of options in this environment, so companies must get it right as the battle for customers is fierce.”

Having surveyed 400 senior cyber security executives (including 100 operating in financial services) and 440 banking consumers, the report found that: (i) 66 percent of finance executives said their companies invested in information protection in the past year; (ii) 85 percent of executives confirmed that they have a person in their company whose sole role is to oversee matters pertaining to information security; and (iii) 37 percent of banking consumers made it known  that they would move to a new financial services provider if their bank refused to cover their losses.

In addition, consumers indicated that they would like their bank to guarantee to cover losses, issue frequent communications and updates and provide a free credit report in the event of a cyber security incident. KPMG also found that the financial services sector is the most proactive of all the sectors surveyed, with many FI’s investing heavily in information protection.  

“It is encouraging to see that financial institutions are clearly making the investment in information security and are ahead of their peers from other sectors,” said Charles Jacco, advisory principal, financial services at KPMG. “But in order to retain loyal customers and attract new ones, they will need to continue demonstrating their commitment and ability to protect their customer’s assets and to put their minds at ease.”

Report: Consumer Loss Barometer

Fighting a losing battle on cyber crime

in ,

BY Richard Summerfield

The war on cyber crime in the UK is going badly, according to a new report from the National Crime Agency. In its 'Cyber Crime Assessment 2016', released in collaboration with a number of industry partners, the The NCA acknowledges that it is falling behind cyber-criminals in many respects.

Cyber criminality is not only becoming more prevalent, but also increasingly sophisticated. The capabilities of cyber criminals are rapidly outstripping both law enforcement agencies and companies operating in the private sector. Techniques including DDoS attacks and ransomware increased significantly in 2015, and the majority of these attacks can be traced back to a few hundred international cyber criminals. The NCA tracked 2.46 million ‘cyber incidents’ in 2015, including 700,000 cases of fraud.

The report highlights that cyber criminals of all kinds, from "international serious organised crime groups" to hacktivists, have been targeting both UK businesses and individuals, emboldened by "the growing online criminal marketplace, which provides easy access to sophisticated and bespoke tools and expertise, allowing these less skilled cyber criminals to exploit a wide range of vulnerabilities".

In light of the heightened security risk posed by cyber criminals, the NCA has called on organisations to step up their defences and to work more closely with law enforcement agencies, the government, industry regulators and business leaders to fight back against attackers. If cyber criminals are to be defeated,  it will require companies to overcome the stigma attached with reporting cyber attacks. The UK government has pledged £1.9bn to help develop and deliver a national defence response and strategy over the next five years.

However, these efforts may be hindered by the chronic under-reporting of cyber breaches by UK firms. According to the NCA, under-reporting is a major issue, particularly given that companies are not required to notify regulators if they have been subject to a data breach or a cyber attack.

Under reporting has, according to the report, obscured the full impact of cyber crime in the UK, and impaired the efforts of law enforcement agencies that have been struggling to understand the operating methods of cyber criminals and are attempting to respond to the threats they pose. Only by working together will the public and private sectors in the UK be able to turn the tide.

Report: http://www.nationalcrimeagency.gov.uk/publications/709-cyber-crime-assessment-2016/file

Fighting back after Bangladeshi hack

in ,

BY Richard Summerfield

The Bangladeshi banking hack, which saw $81m stolen by cyber criminals in February, has caused the Society for Worldwide Interbank Financial Telecommunication (SWIFT) to issue a statement announcing the creation of a new five point security plan which will be released this week.

SWIFT’s secure messaging service is, in many ways, the glue that binds much of the global international banking system together. It allows banks to communicate with one another, sending payment instructions back and forth. However, the service acted as the backdoor for criminals to carry out the Bangladeshi theft. Via a number of coordinated cyber attacks, criminals broke into the messaging service, hijacked the system and redirected payments for their own ends.

Worryingly for both SWIFT and the global financial system, the Bangladeshi hack is not an isolated incident. In Ecudaor in 2015, a similar attack saw cyber thieves take more than $12m. An attack on Vietnam’s Tien Phong Bank, which was unsuccessful, has also recently come to light. It appears that these three publicised attacks may just be the tip of the iceberg.

Gottfried Leibbrandt, SWIFT’s chief executive, told an audience at the European Financial Services Conference in Brussels that “The Bangladesh fraud is not an isolated incident: we are aware of at least two, but possibly more, other cases where fraudsters used the same modus operandi, albeit without the spectacular amounts. The banks were compromised, credentials to payment generation systems were obtained to send fraudulent payments and the statements/confirmations from their counterparties were obfuscated."

In response to the hack, SWIFT will introduce certification requirements for vendors that help some banks connect to the network and use pattern recognition to identify suspicious behaviour.

In light of the reported – and unreported - cases SWIFT has called on the wider banking sector to do more to counteract cyber theft. It reiterated that while the company has a key role to play, it is not a regulator. "SWIFT is not all-powerful, we are not a regulator and we are not a policeman," said Mr Leibbrandt.

SWIFT’s response to these hacks may help shape the future of global banking.

News: SWIFT to unveil new security plan after hackers' heists

Two-thirds of UK firms victims of cyber crime

in

BY Richard Summerfield

There can be little doubt that the digital economy is changing our day to day lives. For consumers and companies alike, the advent of the digital age has forever altered the way we do business. According to data from the UK Office for National Statistics, in 2014, e-commerce sales were £573bn across non-micro businesses, up from £335bn in 2008.

Companies are discovering that technology has a pivotal role to play in their future development and prosperity, according a new report from Ipsos MORI and the Institute of Criminal Justice Studies. The 'Cyber Security Breaches Survey 2016' report notes that over half (53 percent) of all businesses say online services form a core part of the goods and services they provide, at least to some extent.

Yet despite this reliance on cyber activity, the report suggests that firms in the UK are  increasingly exposed to cyber criminality as a result of their unwillingness – or even inability – to properly tackle security.

The report, commissioned by the UK government’s National Cyber Security Programme to survey UK businesses on their approach to cyber security and the costs they have incurred from cyber security breaches, found that two of every three big business firms surveyed were breached at some point over the last year. In total, 24 percent of UK businesses were breached. The majority of those firms were medium or large enterprises.

The most common types of cyber security breaches were viruses, spyware or malware, and impersonation of the organisation. Only half of all firms surveyed had implemented basic security controls across five major areas laid out under the government-backed Cyber Essentials Scheme. Given that just three in 10 organisations have written cyber security policies, and only 1 in 10 have any formal processes for managing such incidents, it is clear that companies must become better organised when it comes to protecting themselves.

According to digital economy minister Ed Vaizey, the breaches are particularly troubling. He said: “The UK is a world-leading digital economy and this government has made cyber security a top priority. Too many firms are losing money, data and consumer confidence with the vast number of cyber attacks. It's absolutely crucial businesses are secure and can protect data."

Report: Cyber Security Breaches Survey 2016

©2001-2024 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.