Banks "not adequately prepared for cyber attack recovery" - Tectrade in IBS Journal

Banks "not adequately prepared for cyber attack recovery" - Tectrade in IBS Journal

Tectrade's Alex Fagioli is featured in IBS Intelligence Journal discussing how banks are not adequately prepared for cyber attack recovery.  

The Bank of England’s decision to delay cyber stress testing for banks as it focuses on Brexit preparations is a token of the sector’s lack of preparation for security disasters, a data recovery expert has warned.

Alex Fagioli, CEO of data storage and recovery specialist Tectrade, said the BoE’s financial policy committee’s decision to put off testing, which was due to happen early next year, should come as no surprise.

“The FCA, which is currently reviewing the findings of a joint initiative by the Bank of England to look into outages, has recently claimed that financial institutions are ‘overly confident’ in their abilities to handle IT systems,” he said. “This overconfidence was perhaps best exemplified by the major TSB failures in April and September that saw customers unable to access their online banking services. Between these major cases and more minor instances of IT outages, companies in the financial services sector reported a 138% rise in failures over the past year.”

Fagioli poured cold water on the suggestion of a mandatory maximum two-day outage period, saying that in reality this is something few banks are capable of: “This is less to do with attitudes than it is to do with the makeup of IT infrastructure,” he commented. “One alternative is a zero-day recovery architecture that enables administrators to quickly bring work code or data into operation in the event of any outages. Zero-day recovery is an evolution of the 3-2-1 backup rule – with three copies of your data stored on two different media and one backup kept offsite. It enables an IT department to partner with the cyber team and create a set of policies which define the architecture for what they want to do with data backups being stored offsite, normally in the cloud. Before outages become more serious, banks should look to an approach such as zero-day recovery to minimise downtime and mitigate risk.”

View original article 

Learn More

23.03.2019