With an increasing number of organisations and their clients using cryptocurrency, one of the biggest, and fastest-growing, cybersecurity threats is cryptocurrency theft. Cryptocurrency heists can take just a few seconds to execute and the impacts and consequences can be significant. One recent attack resulted in a loss estimated at around $200 million from the theft of digital assets and removal of traceability.
As we continue to progress further into a digital currency economy, organisations and their treasurers need to be aware of the emerging risks this highly profitable cyber-crime threat poses to an organisation’s cashflow, liquidity and counterparty risks. It is becoming increasingly important for treasurers to ensure risk management systems assess such threats to their organisation, as well as any potential exposure associated with clients and counterparties.
Geopolitical cybersecurity threats are increasing. Attacks can take the form of hacktivism (hacking for politically or socially motivated purposes), denial-of-service (DoS), as well as the use of ransomware and extortion. With ransomware, malicious software is used to hijack systems through encryption in order to steal data, with threats to release it to the public or sell it on the dark web. Such scenarios create significant reputational risks for organisations, as well as potential operational and liquidity risks.
Continuing to work with IT teams, payment providers and technology vendors to understand the impact and implications of potential major outages will become more important than ever. This could include having robust policies around payment of ransoms and understanding how that may affect other types of risks, including: dealing with sanctioned countries; having enough liquidity to make payments; as well as decision-making processes to assess and resolve issues swiftly and effectively.
Does your board understand how quickly cybersecurity evolves, and why preparation and investment in systems to counter cyber threats is crucial? Organisations are facing innovative, sophisticated and highly motivated cyber criminals.
It’s important to understand where cybersecurity investments protect certain points of the organisation across the whole ‘attack chain’. Mapping your investment around these threats and understanding how shifts in ways of working (such as working from home) can impact your cybersecurity investment cycles can be crucial. The National Cyber Security Centre offers support and guidance on writing business continuity and disaster-recovery plans. So, in short, it is important to keep the board regularly updated with recommendations for risk mitigation.
The cyber risk landscape is constantly shifting and cyber criminals are always trying to stay one step ahead. Cyber threats need to be continually monitored in order to ensure effective remediation measures are in place. These measures can then be adapted and updated as required. An example of this might be analysing thematic threats against the organisation then overlaying these against vulnerabilities in a system or device.
It would be prudent to work on a prioritised list of risks from the treasury perspective, for example focusing on safeguarding cashflows first, and so on. This will enable organisations to concentrate on and prioritise cybersecurity investment. The goal is to be able to move quickly when a cyber threat occurs, ensuring all technology can be patched within hours or days if it suddenly becomes vulnerable.
Once potential threats have been evaluated and prioritised, the organisation can invest in remediation measures and technology to counter cybersecurity threats. It is important that these systems are validated on a regular basis to test the organisation’s defensive posture – it’s vital not to wait until an attack to test the strategy.
Treasurers can collaborate with cybersecurity teams to review where new vulnerabilities or cyber threats may impact on the organisation’s cash management, so they can recognise potential issues and respond effectively.
In summary, cybersecurity is a team game. Collaboration and knowledge-sharing with sector non-profit partners, your bank and official UK organisations will enhance cybersecurity awareness, providing intelligence on threats and information on best-practice approaches.
Barclays Bank PLC is registered in England (Company No. 1026167) with its registered office at 1 Churchill Place, London E14 5HP. Barclays Bank PLC is authorised by the Prudential Regulation Authority, and regulated by the Financial Conduct Authority (Financial Services Register No. 122702) and the Prudential Regulation Authority. Barclays is a trading name and trade mark of Barclays PLC and its subsidiaries.