Obeying New Hack-Attack Law to Cost Banks Millions

Article excerpt

Byline: PETE WARREN

BRITAIN'S banks are being forced to reveal potentially damaging details about how often they have been attacked by computer hackers.

New international banking laws mean financial institutions must be more open about their vulnerability to IT-related risks, including socalled cyber attacks, so their insurers and auditors can gauge their liability.

The new openness demanded by the Basel II regulations looks set to cost the industry hundreds of millions of pounds as banks set up databases detailing a minimum of three years of hack attacks.

Banks will have to pass the information to their insurance-companies and auditors, and to international regulators from 2007, so they must set up systems to log and monitor attacks from now on.

Complying with the rules will cost the average-sized British bank an estimated [pounds sterling]200 million over the next five years.

Traditionally reluctant to tell outside organisations about security matters for reasons of commercial secrecy, and in some cases simple embarrassment, banks have been bitterly opposed to this new legislation.

The very existence of attacks by cyber-criminals is one of the industry's bestkept secrets, much to the frustration of police. …