Daniel Roland / AFP / Getty Images
show image

Oscar Williams

News editor

Banks will soon have to tell the ECB every time a major cyber attack strikes

Banks operating within the Eurozone will soon be required to notify the European Central Bank (ECB) every time they are hit by a major cyber attack.

The new reporting framework will come into force this summer following the completion of a successful pilot phase last year.

Sabine Lautenschläger, vice chair of the supervisory board of the ECB, said in a speech in Frankfurt that the measure would help to identify vulnerabilities in banks’ defences.

“This will help us to assess more objectively how many incidents there are and how cyber threats evolve,” said Lautenschläger.

Cybersecurity is rising up the boardroom’s list of priorities after a spate of recent attacks.

The issue was catapulted into the spotlight last year when hackers believed to be working on behalf of North Korea hacked into Bangladesh’s central bank.

The $81m heist, which is believed to have been carried out by the Lazarus Group, stunned the cybersecurity and banking sectors.

The WannaCry malware that compromised parts of the NHS and thousands more organisations, including several Russian banks, last month has also prompted a fresh focus on cybersecurity.

Around half of banks now consider cybersecurity as one of their top three priorities.