The Bank of England told banks to be ready for war against the mounting threat of crippling cyber attacks. “I would like our firms to be on a WAR footing: withstand; absorb; recover,” Lyndon Nelson, deputy chief executive of the BOE’s Prudential Regulation Authority, said in a speech.
The PRA expects firms to set out their own tolerances for key services in the form of “clear metrics indicating when a disruption would represent a threat to a firm, to consumers or to finan-cial stability,” Nelson said. Boards should play a key role in developing their operational and cyber risk strategies, he said.
The BOE has identified cyber attack as a major risk to banks, and has firms tested to determine their resilience. The central bank’s internal watchdog last week said it needs to get ready to handle the “ fast death” of a major bank from a cyber attack or rogue trading.
The central bank and the Financial Conduct Authority will publish a discussion paper setting out the extent of disruption it is prepared to tolerate from an operational incident, Nelson said.
“Banks have been used to safeguarding their financial interests from fraudsters
and even bank robbers for decades, but in the case of operational matters the barriers to entry for those who would seek to do harm to the bank are much lower,” he said.