Home > Research > Publications & Outputs > Could a cyber attack cause a systemic impact in...

Electronic data

  • Systemic risk - Author accepted

    Accepted author manuscript, 726 KB, PDF document

    Available under license: CC BY-ND: Creative Commons Attribution-NoDerivatives 4.0 International License

  • WarrenKaivantoPrince(2018)CouldaCyberAttackCauseaSystemicImpactintheFinancialSector

    Final published version, 1.06 MB, PDF document

Links

View graph of relations

Could a cyber attack cause a systemic impact in the financial sector?

Research output: Contribution to Journal/MagazineJournal articlepeer-review

Published

Standard

Could a cyber attack cause a systemic impact in the financial sector? / Warren, Phil; Kaivanto, Kim Kaleva; Prince, Daniel David Campbell.
In: Bank of England Quarterly Bulletin, Vol. 2018, No. 4, 21.12.2018, p. 1-11.

Research output: Contribution to Journal/MagazineJournal articlepeer-review

Harvard

APA

Vancouver

Warren P, Kaivanto KK, Prince DDC. Could a cyber attack cause a systemic impact in the financial sector? Bank of England Quarterly Bulletin. 2018 Dec 21;2018(4):1-11.

Author

Warren, Phil ; Kaivanto, Kim Kaleva ; Prince, Daniel David Campbell. / Could a cyber attack cause a systemic impact in the financial sector?. In: Bank of England Quarterly Bulletin. 2018 ; Vol. 2018, No. 4. pp. 1-11.

Bibtex

@article{e80a66428e5c429eaceddf39c2a98bc7,
title = "Could a cyber attack cause a systemic impact in the financial sector?",
abstract = "There is not a uniform view of the link between cyber risk and systemic risk: some assume a direct link whereas others query the connection. Beyond nation states, the vast majority of independent cyber attackers are currently unlikely to have the capability to systemically impact the financial sector. The financial sector has a large number of environmental features which are conducive to a systemic cyber compromise. There are no current examples of systemic cyber risk crystallising and impacting the real economy but this does not prove an absence of risk. We conclude there is a credible case to link cyber risk to systemic risk in the financial sector. Recommendations for future consideration include: further development of the intelligence-led approach to cyber security; policy responses that seek to cut through sectoral, geographical and public/private boundaries; organisations should accept that compromises are likely to happen and therefore prioritise response and recovery activities; undertake further studies to better understand the relationship between data integrity and authenticity, trust in financial services and the potential for real-economy impact via a cyber attack; a specific focus on risks associated with third-party dependencies.",
keywords = "systemic risk, financial stability, cyber attack, cyber risk",
author = "Phil Warren and Kaivanto, {Kim Kaleva} and Prince, {Daniel David Campbell}",
year = "2018",
month = dec,
day = "21",
language = "English",
volume = "2018",
pages = "1--11",
journal = "Bank of England Quarterly Bulletin",
number = "4",

}

RIS

TY - JOUR

T1 - Could a cyber attack cause a systemic impact in the financial sector?

AU - Warren, Phil

AU - Kaivanto, Kim Kaleva

AU - Prince, Daniel David Campbell

PY - 2018/12/21

Y1 - 2018/12/21

N2 - There is not a uniform view of the link between cyber risk and systemic risk: some assume a direct link whereas others query the connection. Beyond nation states, the vast majority of independent cyber attackers are currently unlikely to have the capability to systemically impact the financial sector. The financial sector has a large number of environmental features which are conducive to a systemic cyber compromise. There are no current examples of systemic cyber risk crystallising and impacting the real economy but this does not prove an absence of risk. We conclude there is a credible case to link cyber risk to systemic risk in the financial sector. Recommendations for future consideration include: further development of the intelligence-led approach to cyber security; policy responses that seek to cut through sectoral, geographical and public/private boundaries; organisations should accept that compromises are likely to happen and therefore prioritise response and recovery activities; undertake further studies to better understand the relationship between data integrity and authenticity, trust in financial services and the potential for real-economy impact via a cyber attack; a specific focus on risks associated with third-party dependencies.

AB - There is not a uniform view of the link between cyber risk and systemic risk: some assume a direct link whereas others query the connection. Beyond nation states, the vast majority of independent cyber attackers are currently unlikely to have the capability to systemically impact the financial sector. The financial sector has a large number of environmental features which are conducive to a systemic cyber compromise. There are no current examples of systemic cyber risk crystallising and impacting the real economy but this does not prove an absence of risk. We conclude there is a credible case to link cyber risk to systemic risk in the financial sector. Recommendations for future consideration include: further development of the intelligence-led approach to cyber security; policy responses that seek to cut through sectoral, geographical and public/private boundaries; organisations should accept that compromises are likely to happen and therefore prioritise response and recovery activities; undertake further studies to better understand the relationship between data integrity and authenticity, trust in financial services and the potential for real-economy impact via a cyber attack; a specific focus on risks associated with third-party dependencies.

KW - systemic risk

KW - financial stability

KW - cyber attack

KW - cyber risk

M3 - Journal article

VL - 2018

SP - 1

EP - 11

JO - Bank of England Quarterly Bulletin

JF - Bank of England Quarterly Bulletin

IS - 4

ER -