Cyber security
WHAT IS THIS? The aim of cyber security is to protect computer systems from disruption or misdirection of the services they provide. Regulators have stated banks and other financial institutions should be able to return to normal operation no more than two hours after suffering a cyber attack.
Commerzbank hires new cyber chief for Americas
Thomas Kartanowicz will oversee cyber risk and information security
Cyber security begins a shift to the risk department
Normally the province of IT, cyber defence is increasingly seen as a critical part of operational risk
Swift user break-ins a ‘repeat business’ for hackers
Cyber thieves have accessed the interbank messaging system through small, developing world banks
Asia moves: SGCIB makes two promotions, Natixis hires three heads, and more
Latest job changes across industry
Disruptive change in US power markets: Identifying risks and embracing opportunities in the new world of digital
Power markets worldwide are experiencing disruptive changes on a bigger scale and with greater speed than many had anticipated. Now, more than ever, it is essential to understand opportunities and risks associated with these changes
Dread of cyber attack and data theft grows at EU banks – survey
More than 60% of respondents predict a rise in op risk
Op risk data: SocGen suffers twin blow with Libor, Libya losses
French bank takes top two slots in monthly loss data roundup. Plus review of H1 losses. Data by ORX News
Bank risk committees: desperately seeking risk managers
Most boards still lack career risk specialists despite tighter governance requirements
Fraud makes up bulk of UK bank op risk loss events
Internal and external fraud on average equalled 64% of all op risk events in 2017 across four large dealers
BoE to set tolerance levels for operational disruptions
Regulator cites recent TSB and RBS outages as it plans incident response framework
Mark Yallop on conflicts in fixed income
Banks and their clients need protocol on information sharing, says FMSB chair
CCPs must step up cyber risk efforts, says EU legislator
Policymakers want more focus on non-default loss resources; Eurex Clearing’s Mueller flags investment risk
Banks explore new data techniques to tackle money laundering
Artificial intelligence in tandem with human analysis seen as effective for know-your-customer
Eiopa targets cyber risk in stress tests
Forty-two insurers quizzed on IT vulnerabilities
OCC’s Morrison on combating the cyber threat to clearing
Cyber security chief eyes analytics and machine learning to help anticipate – and defend against – breaches
Barclays’ cyber chief: try to break your own IT defences
Banks “must go beyond vulnerability assessments”, conference hears
CCPs hike spending on cyber defences
“The thing OCC spent the most incremental funding on in 2017 was improving cyber security,” says COO
Sponsored video: Thomas Lee, Vivo Security
Thomas Lee, chief executive and co-founder of Vivo Security – a start-up firm based in Silicon Valley and sponsors at OpRisk North America – talks about how special the banking industry is to Vivo Security and why its approach to model risk management…
Maybank takes to the dark web to tackle hackers
Bank’s CRO and CTO discuss front-foot approach to cyber threats
Scotiabank’s Daniel Moore on the evolution of the CRO
Data and technology will help risk managers improve risk-adjusted returns
A floored plan: Europe’s CCP recovery rules draw fire
CCPs and clearing members both unhappy with proposed allocation of non-default losses
Bridging networks, systems and controls frameworks for cybersecurity curriculums and standards development
This paper proposes a risk management framework designed to facilitate the alignment, integration and streamlining of professional practice standards and computer science/cybersecurity educational curriculums by bridging NPNATFs, SNIFs and RMCPFs.
Web-enabled devices raise cyber risk fears
OpRisk North America: banks wary of growth in ‘internet of things’
Cyber security expert issues call to modernise Patriot Act
OpRisk North America: current policies make it difficult to share information on cyber attacks