cyber risk

PSD2 creates a cyber risk headache for banks

A report created by banking software specialist Temenos in cooperation with The Economist Intelligence Unit shows that banks are wary of the cyber risks associated with European Union’s Payments and Services Directive (PSD2). The directive, which will come into force in 2018, forces banks to open up their APIs to third parties so that information »

BoE governor highlights cloud as source of operational risk

The Bank of England’s governor, Mark Carney, identified Cloud services, as well as “common hosts of online banking”, as potential sources of operational risk in a speech he gave in Germany on Wednesday. Carney said that regulators have to be aware of new single point of failure risks. In the speech, the governor of the »

Shark

DDoS cyber attacks: Europe’s banks need a plan

It’s an arms race and – right now – banks are losing. A recent casualty was HSBC, which on January 29th saw its online banking system brought down for several hours by a distributed denial-of-service (DDoS) attack. DDoS attacks are getting larger, and better organised. According to a recent report by Massachusetts-based security consultant Arbor »

Ian Glover-CREST

Asia to drive growth in security testing certification

Ian Glover, president of CREST — the UK-based Council of Registered Ethical Testers — expects his organisation to certify a growing number of penetration and threat intelligence testing companies in 2016 as demand for their services grows. CREST, a not-for-profit organisation whose objective is to represent the information security industry by demonstrating the competence of »

EU-commission

EU directive will force major financial firms to disclose cyber attacks

Among Europe’s largest banks, the long-established practice has been to keep breaches of cyber-security quiet – or as quiet as possible.  But a major change is in the pipeline:  European-wide legislation that will force firms to report cyber attacks to national incident teams. The European Commission has drafted a European Network and Infrastructure directive, which is now waiting »