The Bank of England has set out measures to ensure the UK’s finance sector is resilient to large-scale cyber attacks that could disrupt the entire economy.
The ease with which individual institutions could potentially be hacked has come into focus in recent weeks after an email prankster targeted several bank chiefs and even the governor of the central bank itself.
In its biannual Financial Stability Report, published today, the Bank of England said banks and other finance firms had made progress on improving their resilience to hacking attacks since it began testing their readiness in 2013. It said 31 of 34 firms “at the core of the UK financial system” that it has quizzed on the issue now have “action plans” in place.
The bank’s Financial Policy Committee is “now moving to the next stage”.
Rather than threats to single consumers or companies, the bank’s focus is now on shoring up the financial system against “the risk of cyber attack causing disruption to critical financial services on a scale that causes material disruption to the UK economy”.
The bank set out the steps that need to be taken to mitigate that risk. This will include regular testing of firms’ resilience to attacks and identifying firms that are not under its supervision but that could have an effect on the financial system if they are subject to a cyber attack.
That chimes with warnings from the Financial Stability Board today. The global body is concerned about banks’ reliance on fintech firms and software providers, which do not fall under the scope of financial regulators, but whose failure would have a huge impact on the finance sector.
The BoE adds that it has requested an annual update from authorities about the effectiveness of the response framework “to check that the system has the capacity to respond to and recover from a cyber attack”.