LONDON (Reuters) – British banking executives and security experts are growing frustrated
Executives still grow frustrated at the dearth of information available more than three months after 2.5 million pounds ($3.09 million) was stolen from Tesco Bank. Importantly, this was in the UK’s biggest financial cyber heist. Security officers normally share information on an informal basis. They also share immediately after a major cyber incident. This is so that the other banks can check their systems. This information was attained from sources at four of Britain’s biggest lenders.
In the case of Tesco Bank however, details have yet to be provided. Also, the case exposed the lack of proper procedures to share information. Also, confusion over which government agency has ultimate responsibility for the issue as well.
Furthermore, a risk officer at another of Britain’s biggest lenders said a formal regulatory system was essential in a financial center like London.
“I am not going to criticize them [Tesco], the problem is the structure,” he said. Nonetheless, the Nov. 5-6 attack affected 9,000 Tesco Bank customers. Its also the first major case to be investigated by Britain’s new National Cyber Security Centre (NCSC). Furthermore, the NCSC brings together and replaces a host of bodies including CESG (the information security arm of GCHQ), the Centre for Cyber Assessment, Computer Emergency Response Team UK and the cyber-related responsibilities of the Centre for the Protection of National Infrastructure.
The Bank of England’s Prudential (LON:PRU) Regulation Authority and the Financial Conduct Authority would also be involved in any regulations governing financial cyber crime. The NCSC, however, did not respond to requests for comment on the Tesco case. Clearly, the new body is coming under pressure from the financial industry and lawmakers to act quickly. Furthermore: “It is up to the NCSC to institutionalize the sharing of information and give some kind of obligation or requirement for feedback after an attack like Tesco Bank,” Troels Oerting, Group Chief Information Security Officer at Barclays (LON:BARC), told Reuters.
($1 = 0.8097 pounds)
|Symbol||Name||Last Trade Price||Change||Change (%)|