Regulators for the state of New York are planning to take steps to make banks become better prepared for an Armageddon-type cyber attack that could seriously damage U.S. and even global financial markets.
Benjamin Lawsky, chief of the Department of Financial Services (New York’s bank regulator), says he is worried a major cyber attack on Wall Street firms could “spill over into the broader economy” and wreak massive damage.
Lawsky noted he developing improved rules to force banks and insurance firms regulated by DFS to better protect themselves against cyber attackers.
Statement from Lawsky
“We are concerned that within the next decade, or perhaps sooner, we will experience an Armageddon-type cyber event that causes a significant disruption in the financial system for a period of time,” Lawsky commented Wednesday in comments at Columbia Law School.
He said this kind of attack could be a “cyber 9/11.”
More on NY DFS plan to prevent bank cyber attack
DFS regulates scores of banks and insurance companies licensed to operate in New York. The agency has the power to fine or even close down banks s well as impose new regulations on their operations.
In order to both prevent and mitigate a bank cyber attack, Lawsky commented that he would like to see cyber security added as a category to the grades DFS awards to banks and insurance firms every year. He noted financial institutions “care deeply” about the grades they get as the grades can impact their ability to pay dividends or acquire other firms.
He also pointed out that DFS could also require multifactor authentication systems for employees of DFS-regulated firms, saying sngle-step passwords “should have been dead and buried many years ago.”
Lawsky is also considering making banks and insurance companies licensed by DFS get guarantees from third-party vendors that their security also meets pre-deffined standards. Third-party vendors are often used as a “backdoor entrance for hackers,” he noted.