Hackers are global, legal is local - Editor's Blog

Banks can only control what is under their own roof. But training staff to spot phishing attempts is challenging enough, writes Brian Caplen.

The sums of money being stolen from banks by cyber hackers are continuing to grow, and training staff so they don’t allow an institution to fall victim is a huge challenge.

But the danger of a government-sponsored or other kind of attack that closes the entire financial system was played down at a Sibos panel called ‘Is a cyber 9/11 inevitable?’

“The Russian government is not technologically advanced enough to be a hacker [on this scale],” said the CEO of Russian cyber security company BI.Zone, Dmitri Samartsev.

At the same time, criminal gangs involved in cyber attacks have no interest in closing down the international financial system: where else would they stash their ill-gotten gains?

The big problem is that these gangs act globally and co-operate across borders, but law enforcement is organised by country and there is little in the way of international treaties to initiate collaboration. The restrictions of Europe’s data protection law GDPR may even make tracking down cyberhackers more difficult.

Banks must focus on what they can control and seek to deter cyber hacking by making it difficult and costly. A key issue is training staff not to respond to phishing attempts, which is done by sending out fake emails and seeing who responds. The panel discussed how one bank reduced the response rate from 60% to less than 1%, but one member admitted that the phish most difficult to resist was the pay slip of another member of staff!

Brian Caplen is the editor of The Banker. Follow him on Twitter @BrianCaplen
