Uk Banks Security Problem
Essay by people • August 6, 2011 • Essay • 502 Words (3 Pages) • 1,805 Views
A few years ago, the managers of United Kingdom banks met to discuss the threats to them from computer crime. One of the managers addressed the others as follows:
"On the rare occasion when a minor incursion is detected it is better that we, as Banks, all agree never to admit publicly that we have become victims. We must at all costs avoid relying on the police. The law, too, is too weak to be a sufficient deterrent. We would do better to make our own arrangements entirely"
Another manager nodded his agreement "I recently saw the Hollywood film 'Sneakers' starring Robert Redford and his team of hackers who hired themselves out to companies to conduct permitted hacks of their systems. I think we should all use the services of such hackers to satisfy ourselves that our computer security arrangements are adequate"
1. Give your opinion on why the first manager may have suggested not involving the police.
Issues Identified
* Involving of police means inviting legal trial and investigation, which also means that the public will be aware about all the happenings of the bank and its lack of security.
* May be the customer would lose the faith on the bank and loose the customers.
* Legal investigation can intrude their working and facing the trial can waste their time.
* Involving (Notification to) the public will be an extra burden for the banks.
* May be the law doesn't protect enough or doesn't have much benefits for banks.
* It is also possible that the bank assumes that its online system is well protected and would do the changes as and when needed i.e. after it has become victim.
* Considering financial point of view, it may be costing huge amount for the banks to actively run and monitor online systems. So by avoiding the police and law they can minimise the cost to it and ignore the mandatory standard requirement to follow.
Suggestions
* Involving the police would be a better idea as wrong doings of the bank will only be realised when it loses its customers/profit/market value and further it would take precautionary steps to avoid further fall outs.
* Law must be reframed so that it matches the current scenario of technology and protects the data of the current customers. The laws must be evolving and should be kept up-to-date. Recently BBA (British Bankers' Association) introduced a mandatory requirement for the all UK banks which stats:
"I intend to introduce a mandatory requirement to notify data security breaches" - Ms Viviane Reding, Vice-president, British Bankers' Association. [www.telegraph.co.uk, 2011]
* Constant
...
...