CIO Forum: Bank CIOs on the crime frontline

CIOs within the financial services sector have said they have to up their efforts in the war on cyber crime if they are to win back customer confidence.

Speaking at the silicon.com CIO Forum in London, CIOs from Barclays, Deutsche Bank and Mitsubishi Securities outlined how they approach and tackle cyber crime.

Gary Edwards, CIO of Barclaycard IT, said his organisation is attacked every seven minutes.

Such a statistic reveals the extent to which panel members find themselves at the frontline when it comes to fighting cyber crime. And they don't believe it is a problem which is going to go away.

Edwards told a packed room full of delegates: "We shouldn't underestimate the investment the criminal community will put into illegal activity."

But it's not all big budget high-sophistication. Highlighting the ease with which such crimes can be committed, Jason Hart, head of security at White Hat, said: "I could go onto Google tomorrow and get enough information to commit identity theft until 2010."

And the panel don't expect much help from the government as long as criminals always have more hacker-friendly borders to hide behind.

Mitchel Lenson, former group CIO Deutsche Bank, said: "Lobbying our government might be worth doing but if we win them over there are then 500 other governments to lobby and frankly I don't have the energy."

And where phishing is concerned Lenson is similarly pragmatic. "You can't stop somebody taking what you do and replicating it on a bogus website," he said. "You have to stop them with customer education."

Certainly education is key and you can never start early enough, said the panel, recommending it wouldn't be too extreme to start with educating schoolchildren about the threat of identity theft.

Lenson said the banks must now make up for a period during the 90s when they pushed customers away and distanced them from the banks' messaging.

"What we did during the 90s was push relationships away because we thought people would use ATMs and not need to speak to anybody," he said, urging banks to now do what they can to interact and communicate with customers in an attempt to bridge the gaping education divide in which fraudsters operate.

Edwards said: "We will do anything that is sensible and pragmatic which will increase customer confidence."