Financial services body TheCityUK has called for the creation of a new Cyber Forum comprising key board members, CISOs and risk managers, to support the government’s attempts to improve information security.
The recommendation came in a new report from the group: Cyber and the City.
It suggests that the forum could be established as a committee of TheCityUK, with links into the BBA and other trade bodies.
It claimed a “steering group of board level cyber risk owners and a working group from the risk or CISO community” would help the financial services industry “mobilize itself around its own defense and to reinforce the goals of government.”
Specifically, a Cyber Forum could help improve information sharing in the industry via platforms such as CISP.
The report continued:
“Information-sharing works when contributors get something back – a committee structure will create peer pressure to contribute which will in turn make contributing more worthwhile. It will also help identify any barriers to contribution (such as customer anonymity or regulatory reaction) that need resolving. The information-sharing should be within the sector, but with links to and from the police and intelligence services to support offensive action against criminals.”
The group could also help to alleviate problems in the jobs market by encouraging apprenticeships and education programs for cybersecurity, as well as encouraging adoption of the government’s Cyber Streetwise and Cyber Essentials initiatives, the report claimed.
A Cyber Forum would also be instrumental in outreach to third parties such as regulators – by putting forward guidelines on cyber assessment – the Bank of England – engaging on risk management – and supporting the development of a UK cybersecurity sector.
The report also suggests that the government could effectively introduce tax breaks to offset the extra investment needed by the financial services sector in these new cyber initiatives – which may not be politically popular.
Andy Buchanan, area VP UK and Ireland for security vendor RES, welcomed the proposed creation of a Cyber Forum.
“For too long there has been a lack of knowledge sharing across all industries, including financial services. As the saying goes, knowledge is power,” he argued. “By sharing information banks would have better, smarter intelligence into how to shore up their defenses and innovate accordingly in the face of a determined, highly adaptive and sophisticated opponent."