Nick Hammond comments on the cyber readiness of major bank’s infrastructure in response to the Hiscox Cyber Readiness Report
The need for financial institutions to be prepared against cyber attacks is doubly pressing this year, following a raft of new regulations. These have shifted the mandate from one of the annual compliance exercises to an ongoing assurance that IT systems are prepared and secure.
Nick Hammond, lead advisor for financial services at World Wide Technology, comments: “The Hiscox report will serve as an important reminder to financial services firms about the importance (and difficulty) of securing against the cyber threats.
“This kind of protection is all the more necessary this year, in the wake of new regulations such as MiFID II, PSD2 and GDPR. Unlike older rules that only required yearly tick-box compliance exercises, these new regulations require continued assurance of critical applications.
“But with the complexity of existing IT systems, which have been built with different and sometimes opposing metrics over the years, this is easier said than done. Legacy infrastructures are often formed from an extremely complex patchwork of applications, which communicate with each other in convoluted ways.
“This web of opaque interdependencies is creating problems for cyber security. Without a clear view of how the system is plumbed together, there can be knock-on effects downstream when one application is prevented from sharing data with another system or user.
“To meet changing regulatory requirements, companies in the financial space need to access infrastructural expertise, to generate a working, real-time picture of the entire framework. Only after gaining this level of visibility can the right security policies be fitted to each application in a way that fits within the functioning of the existing system, allowing components to communicate as they need to whilst closing them off from external threats.”