Key UBF move to ward off cyber attacks on banks

The powerful UAE Banks Federation on Thursday took a major initiative by launching the Middle East's first threat intelligence sharing platform for banks in the Emirates to counter a "sharp uptick" in cyber attack threats in the region.
Abdul Aziz Al Ghurair, Chairman of UBF, said the anti-cyber-crime platform - Information Sharing and Analysis Centre (ISAC) - powered by Anomali, a provider of market-leading threat intelligence platforms, seeks to safeguard the UAE's banks from cyber security breaches.
"Initially, 13 founding banks of UBF will share cyber security intelligence in new UBF-ISAC, powered by Anomali ThreatStream, but later on the platform's service would be extended to other banks and even other sector," said Al Ghurair.
The UBF initiative, the first of its kind in the Middle East private sector, comes in the wake of alarming reports that a global cyberattack could result in damages of as much as $121.4 billion in an extreme event, comparable to economic losses caused by Hurricane Katrina in 2005.
Lloyd's of London said in a report that average losses from a scenario where an attack would cause a widely used cloud-service provider to fail would be $53 billion, depending on organisations involved and the length of the data storage disruption. Insurers could face total claims in that scenario ranging from $620 million to $8.1 billion, according to the report.
ISAC will aggregate, correlate, and analyse threat data from multiple sources in real-time to support defensive actions. The new UBF-ISAC lays the foundations for a fruitful relationship, and aims to enhance the understanding of threat intelligence, showcase the value of collaboration, and provide ongoing training, said Al Ghurair.
Founding members of UBF include HSBC, CBD, ADCB, Barclays, CBI, Citibank, ENBD, FAB, Mashreq, Noorbank, SCB, ADIB, and NBF. In a phased approach, the platform's surveillance will encompass all of UBF's member banks.
"Our partnership with Anomali to build this platform will allow banks to get quipped with the tools and intelligence to better identify, protect, detect and respond to cyber-attacks. It will help to establish the importance and value of seamlessly collecting, sharing and analyzing data, while allowing for anonymous reporting. Together, we can then reduce sensitive data exposure and make more informed decisions and investment strategies," said Al Ghurair.
Anomali's ThreatStream platform helps to order and interpret the ever growing amount of threat data available to organisations from internal and third-party sources.
"It aggregates threat intelligence, enriches and dedupes it, removes false positives, and builds clusters of relating information. As well as streamlining threat information sharing and collaboration, the ISAC will enable members to apply context to intelligence, where breach details shared quickly could mean the difference in someone else being attacked," said Jamie Stone, vice president, Europe, Middle East and Africa.
"The UAE is the financial services hub for the Middle East and it's essential that it takes the lead in embracing threat intelligence sharing," said Stone. "The Middle East has seen a sharp uptick in cyber-attacks recently, so the adoption of new, technologically advanced processes is paramount and sharing intelligence bolsters defenses exponentially," he said.
With every fourth business experiencing a targeted attack in the last 12 months, the need for organizations to have effective threat detection systems in place is now more crucial than ever.
Kaspersky Lab's Anti Targeted Attack Platform detected 100 per cent of threats in its latest ICSA Labs verification test - underlining the advanced level of threat detection that it offers enterprises, including those with the strictest cybersecurity requirements.
Cyber experts said prominent hacker attacks such as WannaCry in May and Petya in June have raised awareness of the vulnerability some companies have to cyber crime and insurers are seeking to get into the market by offering coverage for such attacks.
Banks and other financial institutions are prime targets for hackers because criminals can gain access to financial and personal information that leads them to additional sources of funds, they said.
- issacjohn@khaleejtimes.com