According to HSBC UK’s Chief Executive Officer Ian Stuart, cyber security now needs to be “top of the agenda” for the bank. This shows the increasing alarm among leaders in the financial community. With cyber threats getting more advanced, persistent, and sophisticated in nature, banks are spending heavily to prepare their defenses against possible attacks.
Stuart stated that HSBC UK is currently investing “hundreds of millions of pounds” to upgrade its IT infrastructure. This significant investment underscores the enormous expense faced by the banking industry as a whole in dealing with IT vulnerabilities. With HSBC UK processing approximately 1,000 payments every second and making around 8,000 IT changes and updates weekly, the bank must continuously adapt to the evolving landscape of cyber threats.
In a candid discussion about the challenges posed by cyber security, Stuart expressed his concerns directly: “It does worry me – we can be attacked and we are being attacked all the time.” Institutions such as HSBC are on the frontline addressing imminent threats to their operations. They are taking big steps to protect customers’ data.
The issue of cyber security in the banking sector has been brought into sharper focus following disruptions experienced by other financial institutions. Barclays just faced a major service interruption on one of the most important paydays in January. In reply, CEO Vim Maru recorded a quick video apologizing to customers for the disarray. During that incident, Maru stated that he was “sincerely apologetic for the inconvenience.” He made it real by describing how every time there’s a tech failure, millions of customers feel that effect immediately.
Recent evidence presented to the Commons Treasury Committee revealed a troubling trend: nine major banks and building societies in the UK collectively accumulated at least 803 hours of tech outages over the past two years, equivalent to 33 days. These outages not only disrupt banking services but raise concerns about the vulnerability of financial institutions to cyber attacks.
Prof. Oli Buckley added that attacks on financial institutions are increasingly advanced. This radical advancement calls for a step back and rethinking of our existing security practices. We know that banks are under tremendous stress. Consequently, they understand that they need to spend extensively on their technological bases. As Stuart pointed out, “I think the amount of money banks – all of us – will be putting into our systems is enormous.”
The seriousness of these concerns is made even more urgent by recent, real-life examples from the retail industry. Retailers, including Co-op and Marks and Spencer, have badly disrupted of late thanks to ransomware strikes. This development highlights how the cybercriminal charges have spread from banks to all sectors.
HSBC UK is currently facing compensation claims of £12.5 million due to IT failures. This incident serves as a reminder of just how financially devastating cyber attacks can be. The continued conversation around these vulnerabilities serves as a reminder of a hard truth — businesses will be attacked, it’s not an if, but a when. Cybersecurity expert Lisa Forte drives this point home.