UK banks must work better together to ward off cyber attacks
Waking Shark II exercise highlights areas of unpreparedness in financial institutions.
The Bank of England has published the findings of its Waking Shark II cyber attack exercise, revealing better communication between entities is needed to fend off threats.
The simulation, which took place towards the end of last year, was designed to test the responses of the wholesale banks sector, including investment banks and other key financial market infrastructure, in the event of a state-sponsored cyber attack.
According to the report's author, Chris Keeling, Waking Shark II was not intended to scrutinise each individual firm's reaction, but to see how the sector could work together to understand and minimise an attack's impact.
The report states significant improvements had been made since 2011's Waking Shark I exercise, particularly with regard to the use of the Cyber Security Information Sharing Partnership (CISP) initiative, which was introduced in March 2013.
CISP allows organisations and the Government to share information and intelligence on cyber threats and is supported by a 'Fusion Cell', a cyber attack monitoring operations room run by the Security Service, GCHQ and the National Crime Agency.
However, while Keeling commended the level of collaboration and communication, he said this was hampered by the lack of a central framework for sharing information and communication across the financial sector.
"Whilst there was some communication between the participating firms and the [financial market infrastructures] and good communications with the authorities, it was identified that there is no formal communication coordination within the wider sector," said Keeling.
He noted while there are a number of sector groups that provide a communications framework for their members, there is no overarching platform.
"Consideration will be given to the identification of a single coordination body from industry to manage communications across the sector during an incident," said Keeling.
Keeling also warned that not all firms were aware of their responsibilities to report major incidents to their regulators as soon as possible, and expressed concern that they may not be aware of the need to independently report an attack to the police.
The full report is available to read in PDF form here.
Jane McCallion is ITPro's Managing Editor, specializing in data centers and enterprise IT infrastructure. Before becoming Managing Editor, she held the role of Deputy Editor and, prior to that, Features Editor, managing a pool of freelance and internal writers, while continuing to specialize in enterprise IT infrastructure, and business strategy.
Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.