It is the intention of the Bank of England to hire its own ethical or “White Hat” hackers to help them to test the security of 20 “major” financial institutions. The action has been taken; it seems, as a response to the Waking Shark II exercise that took place in November 2013.
Charles Sweeney, CEO of web security firm Bloxx, believes that the Waking Shark programme was a great success but that it is important to continue to test your defences as attacks evolve and develop at a rapid rate.
Swenney stated, “Banks face a relentless onslaught of persistent and sophisticated attacks because they are considered to be highly prized targets for criminals. Last year’s Waking Shark programme was a great success, but attacks evolve and develop at a rapid pace so it is no surprise that the Bank of England wants to test defences again.”
Sweeney added, “It is great to see the UK leading the way in cyber protection programmes that can make a real difference to consumers, enterprises and the economy.”
Adrian Beck, Veracode’s security programme manager EMEA, is also in full support of the Bank of England’s decision to utilise ethical hacking as it is one of the best ways to expose any potential security weaknesses.
Beck declared, “It’s encouraging to see the Bank of England taking a lead on protecting the UK’s critical national infrastructure by overseeing ethical hacking programmes.
Beck added, “Ethical hacking, in the form of penetration testing, is one way to expose software coding errors in an organisation’s applications, along with other vulnerabilities that threaten critical data. All businesses, whether in the public of private sector, should consider the benefits of investing in ethical hacking as part of an application security programme.”
MD of LogRhythm, Ross Brewer believes that it would be disastrous if the Bank of England was to suffer a serious data breach and that recent data breaches just show how disastrous they can be.
Brewer stated, “The financial sector is taking a positive step here, which many other organisations need to learn from. As they play such a critical role in society, it would be disastrous for one of our leading banks to suffer a significant data breach. We only have to look at the recent large-scale data breaches, such as Target in the US, to see just how devastating and long-lasting this can be. Given the level of trust businesses and consumers place in banks, a successful attack on a financial firm would be even worse. ”
Do you think that it is a good idea to hire White Hat hackers? Do you think that organisations can do more to ensure that their security measures are up to scratch?
