Picture of SMBC
Sumitomo Mitsui was the subject of a £220m robbery attempt in 2005

Hacked bank unifies defences

Sumitomo Mitsui takes integrated view of cyber and physical threats

Written by Tom Young

Computing, 24 Jan 2008

The bank subjected to the UK’s largest ever robbery attempt will be the first in this country to take a joined-up approach to physical and electronic security.

Sumitomo Mitsui Banking Corporation (SMBC) aims to integrate security across 19 offices throughout Europe, followed by the US. Staff will have a single profile, so that the system identifying physical location is the same as that tracking network activity.

To create the holistic system, the traditional management split has been united in a single role, said Andrew Weston, senior information security officer at SMBC for EMEA.

“I am now responsible for physical security and information security ­ the integrated project would be much harder without the combined approach,” he said.

In its first phase, the joined-up system will be rolled out to 1,000 users in the UK by July.

A combination of one-time passwords and fingerprint checks will be required to log on to any bank system.

“The ultimate aim is to have physical and logical access systems, as well as CCTV, all linked together across Europe and the US in the next three years,” said Weston.

In 2005, the bank was the subject of a £220m robbery attempt using a combination of physical and electronic tactics. Thieves gained physical access to the bank and used key-logging devices to glean passwords later used by hackers to access computers.

Weston declined to comment on the incident, but acknowledged that internal threats are a growing concern in the banking sector.

“Over the past year or so everyone has become increasingly aware of the dangers from inside an organisation,” he said.

Combining physical and network security sounds like a logical step. But the strategy does have drawbacks, according to Richard Hackworth, ex-chief information security officer at HSBC.

“Integrating these roles is not a priority for managing risk,” he said. “The issues and skills needed are different for each job and the areas of danger are so different that historically it has been very hard to do.”

The technology will be supplied by Imprivata.

Advertisement

Enjoyed this article? Help spread the word:

Comments

Have your say on this article

Also read

Related articles

White papers

Related jobs

More Accounting jobs

Most read

Most commented

Special Reports

Latest

Spotlight

bryan clark, chief information officer at kpmg europe

Profile: Bryan Clark, chief information officer at KPMG Europe

Getting the right infrastructure is instrumental in consolidating KPMG’s European...

Credit crunch special: guiding business through the storm

The downturn is hurting and recession looms. Will accountants be...

Apprentices, Arnie and Archos in the latest YP

September issue of Young Professional appraises the year for our...

Find your next job

Find your next job

Advertisement

Salary Checker

Newsletters

Sign up here for the very latest news delivered to your inbox. Choose from the following options:

Search white papers

Search white papers

Advertisement

Have your say

THE BIG QUESTION: FAIR VALUE
Should fair value accounting be suspended in the wake of the market crisis?
Yes, it's a big part of the problem
No, don't shoot the messenger

Job of the week

More finance jobs

Advertisement

Your next job