The cybersecurity of financial institutions is emerging as a top priority for the Bank of England in the coming months. The central bank will focus on stress testing IT defences against online attacks and establishing new standards for how quickly and effectively financial institutions should contain these breaches. The objective is to improve banks’ operational resilience so that they can withstand unforeseen future crises, such as the impact of COVID-19.
The decision comes as organisations adjust to a new wave of threats, in which opportunistic cybercriminals have continued to exploit weaknesses across a larger digital attack surface. While business email compromise (BEC), phishing attacks, and malware are still dangerous weapons in a threat actor’s arsenal, attackers are increasingly using advanced persistent threat (APT) tactics to circumvent defences and avoid detection. To defend against these attacks, CISOs need to deploy a layered approach to security that prevents their most valuable assets from falling into the wrong hands.