Following the news that Britain’s banks are supposedly not reporting the full extent of cyber attacks to regulators for fear of punishment or bad publicity, Mark James, security specialist at ESET commented below.
Mark James, Security Specialist at ESET:
“Financial organisations suffer cyberattacks on a daily basis and it stands to reason that if hackers do what they do to make money, then why not target the source? Reporting every one of those attempts would indeed clog systems with lots of unnecessary information and I’m sure there will be a lot that never makes the light of day. However, the problem of course is perceived security, as more and more breaches happen and more malware is being used to target financial systems, then the damage caused when things go wrong can be so great decisions will be made to keep it quiet. However, with the public becoming more aware of the damage caused by lapsed security, this may influence the decision on who is to look after their savings and daily finances in the future.
Effective protection is made up of multiple layers of security. This involves, but is not limited to, identifying current threat vectors, education, software protection, data flow monitoring and keeping your systems updated and patched. Sharing information enables better defences, it provides authorities and regulators a better understanding of the wider picture and should help investment in the correct placement of funds to combat future attacks. In addition to this, the public have a right to know what a company is doing regarding security and privacy, because only then can they make an informed decision based on facts.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.