Monitoring third party’s cyber security is a growing concern for banks, according to Paul Williams, senior technical advisor, operational risk and resilience at the Bank of England (BoE).
“Cyber has been a key topic for the entire duration that I have been in the role at the bank, which has been five or six years,” said Williams on a panel at Sibos in London this week.“My view is that managing third parties, managing supply chain assurance of a third parties, fourth parties, fifth parties and understanding that problem is likely, and certainly from the discussions I have had with the industry, is creeping up as one of the bigger worries.
“It is easy to get dragged into the policy of dispair at that point even on an institutions basis, and so there are so many third parties, and the relationships are so complex we don’t know how to deal with those,” he said.
On May 14, BoE’s director of supervisory risk specialists, Nick Strange gave a progress report on operational resilience, and announced that the Financial Policy Committee (FPC) would have an upcoming stress testing pilot on payment systems.
“The FPC has indicated that it will…
