Yahoo News Cyber Security: Firms Must Cooperate Says Bank
A senior Bank of England official has called on companies to work with their competitors to combat the threat from cyber attacks.
Andrew Gracie, the Bank's executive director for resolution, told the Cyber Defence and Network Security conference in London that the recent web assault on Sony - blamed on North Korea by the US - provided a "salutary reminder" of what firms were up against.
He pointed to an agreement between the US and UK governments to test bank defences through cyber war games this year as evidence that cooperation was key to limiting the ever evolving threat.
Mr Gracie suggested that rivals come together for a greater good and said: "Firms need to cooperate not compete in this space.
"With that in mind, we are working with industry to strengthen arrangements for information sharing, reviewing existing forums for tactical information sharing and supplementing them where necessary with arrangements for more strategic information sharing including on good practice.
"We are also working with the sector on how existing arrangements for responding to a major operational disruption would work in the event of a severe cyber attack."
Mr Gracie said a recent questionnaire exercise with 36 firms at the core of the UK financial system had identified some shortcomings but nothing that was "critical."
Many of those companies were also in the final stages of a CBEST vulnerability test - launched by the Bank's Financial Policy Committee last summer - with the results due in the next few months.
He also revealed that GCHQ, which has warned that British companies are under attack by hackers, criminal gangs and foreign intelligence services, had played a role in the penetration testing framework.
Mr Gracie said: "The results should provide firms - and us - with a direct read on the robustness of their defences to more sophisticated attack types and a gaps analysis so that firms know what steps they need to take to improve their resilience.
He urged companies to undergo a CBEST, adding: "We think the benefits to firms of CBEST are significant. This is why the FPC in December encouraged firms to undergo a CBEST as ‘soon as practicable’".
