The resilience of UK banks to cyber attack is to be tested through a simulation

Cyber risk

On Tuesday (Novermber 22) banks in London tested their resiliency to cyber attack by running a simulation, arranged jointly by the Financial Services Authority, the Treasury and the Bank of England..

The exercise involved almost a hundred organisations and assessed how financial supervisors in Britain would cope with the collapse of telecoms, internet and other digital systems.

The organisations also simulated their response to a transport disruption during the Olympic Games.

Similar exercises before have tested firms’ ability to cope with widespread flooding and snow or a flu pandemic.

The scenarios are designed to simulate an abrupt collapse of critical infrastructure and staff absence, or put operations to the test over a longer crisis.

The exercises allowed banks to see how they might sustain their operations, if they were forced to relocate to back-up sites or reboot systems.

“It is very pleasing to see the financial sector taking the threat of cyber attack so seriously and we hope that other sectors will follow suit,” commented Henry Harrison, Technical Director at BAE Systems Detica.

“The key to this sort of exercise is using sufficiently representative scenarios. This is as true for cyber attack scenarios as for financial disaster scenarios - while it is simple to imagine situations such as a total loss of communications, realistic scenarios should also include the loss of confidence in the integrity of data or key systems, or indeed the loss of confidence in the confidentiality of communications between different players in the system.”

The test is more vital than ever under the pressure of the eurozone crisis. Banks are used to testing the robustness of their liquidity and capital but less well prepared for operational risks, some say.

Topics