February 25, 2015

NY surveying banks on cyber security defenses

byMichael Virtanen

(AP)—New York financial regulators are considering tougher cyber security requirements for banks to mandate more complex computer sign-ins and certifications from the contractors of their cyber defenses, the state's top regulator said Wednesday.

They are already revamping regular examinations of banks and insurance companies by adding targeted assessments of barriers against hackers, Department of Financial Services Superintendent Ben Lawsky said. He's "deeply worried" that within the next decade, or sooner, there will be "a major cyberattack aimed at the financial system" that could create a run or panic that spills over into the broader economy, he said.

"At DFS, we believe that is likely the most important issue we will face in 2015 and perhaps for many years to come after that," Lawsky said in an address at Columbia Law School. Internet architecture has grown up with usernames and passwords to verify identities, but all firms now should now be moving toward "a multi-factor authentication system" with an additional layer of security, he said.

That could be, for example, a randomly generated second password immediately sent to users' cellphones when they log in and is then needed for computer system access, Lawsky said. "As a result, if someone steals or guesses your password, they would not be able to get into the system unless they also have your cellphone," he said.

DFS is also considering random audits of financial firms' monitoring and filtering used to spot illicit transactions, Lawsky said. Over the past four years it has reached several multimillion-dollar settlements with accused of currency transactions through their New York branches on behalf of clients in countries prohibited from U.S. trade.

"Money is the oxygen feeding the fire that is terrorism. Without moving massive amounts of money around the globe, international terrorism cannot thrive," he said. Since his office cannot simultaneously audit every bank, he said they are also considering making senior executives personally attest to the adequacy of their monitoring systems.

© 2015 The Associated Press. All rights reserved.

Citation: NY surveying banks on cyber security defenses (2015, February 25) retrieved 7 July 2024 from https://phys.org/news/2015-02-ny-surveying-banks-cyber-defenses.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Explore further

Over 100 banks hit by sophisticated cyberattack: report
29 shares

Feedback to editors

Relevant PhysicsForums posts

Laptop suggestions for a Physics Student

Jul 5, 2024

Custom icon for specific file type in Nautilus on Ubuntu 22.04

Jul 4, 2024

The best and most secure password manager

Jul 4, 2024

Cyber security in the modern/post-modern internet

Jun 28, 2024

AI In Actual Use

Jun 27, 2024

Help! Old PC dog has to learn new Mac tricks

Jun 26, 2024

More from Computing and Technology

Load comments (0)