Picture of SMBC
Sumitomo Mitsui was the subject of a £220m robbery attempt in 2005

Hacked bank unifies defences

Sumitomo Mitsui takes integrated view of cyber and physical threats

Written by Tom Young

Computing, 24 Jan 2008

The bank subjected to the UK’s largest ever robbery attempt will be the first in this country to take a joined-up approach to physical and electronic security.

Sumitomo Mitsui Banking Corporation (SMBC) aims to integrate security across 19 offices throughout Europe, followed by the US. Staff will have a single profile, so that the system identifying physical location is the same as that tracking network activity.

To create the holistic system, the traditional management split has been united in a single role, said Andrew Weston, senior information security officer at SMBC for EMEA.

“I am now responsible for physical security and information security ­ the integrated project would be much harder without the combined approach,” he said.

In its first phase, the joined-up system will be rolled out to 1,000 users in the UK by July.

A combination of one-time passwords and fingerprint checks will be required to log on to any bank system.

“The ultimate aim is to have physical and logical access systems, as well as CCTV, all linked together across Europe and the US in the next three years,” said Weston.

In 2005, the bank was the subject of a £220m robbery attempt using a combination of physical and electronic tactics. Thieves gained physical access to the bank and used key-logging devices to glean passwords later used by hackers to access computers.

Weston declined to comment on the incident, but acknowledged that internal threats are a growing concern in the banking sector.

“Over the past year or so everyone has become increasingly aware of the dangers from inside an organisation,” he said.

Combining physical and network security sounds like a logical step. But the strategy does have drawbacks, according to Richard Hackworth, ex-chief information security officer at HSBC.

“Integrating these roles is not a priority for managing risk,” he said. “The issues and skills needed are different for each job and the areas of danger are so different that historically it has been very hard to do.”

The technology will be supplied by Imprivata.

reader comments

related articles

Computing comment logo

Business must see IT as everyday task

There will always be a need for technology experts. But what business needs is to see IT as part of everyday life 24 Jan 2008

 

ING Direct seeks security using anti-keylogging

New security login process for online bank 14 Dec 2006

HSBC online banking fears

Researchers claim they have discovered a vulnerability in HSBC's online banking security 10 Aug 2006

The hackers who can put your IT security to the test

Computing reports on how businesses are using penetration testing 13 Oct 2005

Physical and IT security must go together

Former national crime-reduction co-ordinator at the National Hi-Tech Crime Unit advises firms on security 04 May 2005

Bank attack used key-loggers costing just £20

£220m theft attempt used battery-sized bugging devices 21 Apr 2005

Security

Huge rise in fraud against UK banks

Organised gangs turn to large-scale electronic heists 30 Jul 2008

Security chiefs urged to embrace risk

Chief information officers should be more strategic when shoring up enterprise systems 03 Apr 2008

KPMG finds bank fraud cases at record high

KPMG’s latest research shows bank fraud court cases reached a record high in the first half of 2008 29 Jul 2008

related whitepapers

today's top stories

The Big Picture

Learning from the credit crunch to avoid a broadband crunch

While it might be the most pressing issue de jour , the financial system isn’t the only area where government needs to... 10 Oct 2008

Management

How careerism can warp IT procurement

Many working in IT put their career interests before those of their employer when weighing up purchasing options 10 Oct 2008

Management

City in pressing need of skilled IT matchmakers

With the financial services sector plunging ever deeper into an M&A maelstrom, IT leaders are having their systems integration skills and due diligence expertise tested as never before 09 Oct 2008

Software

The definitive guide to software development

Five key trends and five best practice tips to help you improve your programming capabilities 09 Oct 2008

Management

Computing podcast - IT implications of the banking crisis, and the FSA clamps down on IT security

We discuss the effect of shotgun mergers and acquisitions on financial services IT staff, and examine the industry regulator's plan to fine directors for information security breaches 09 Oct 2008

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job


IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Would you apply for a job that was advertised on Facebook or a similar social networking site?

Would you apply for a job that was advertised on Facebook or a similar social networking site?

The government is using Facebook to recruit IT staff - would you apply to such an ad?

Previous poll results

> More polls

Latest audio and video articles

programming codeVideo

The definitive guide to software development

Five key trends and five best practice tips to help you improve your programming capabilities 09 Oct 2008

Podcast imageAudio

Computing podcast - IT implications of the banking crisis, and the FSA clamps down on IT security

We discuss the effect of shotgun mergers and acquisitions on financial services IT staff, and examine the industry regulator's plan to fine directors for information security breaches 09 Oct 2008

> More audio and video

Latest in-depth articles

Financial Services Authority buildingAnalysis

FSA threatens executives with fines

Senior management to be held accountable for security lapses at banks 09 Oct 2008

Comment

Broadband must be a spending priority

For the economic health of the nation, the government would do better to bankroll an optical fibre rollout rather than prop up profligate banks 09 Oct 2008

> More in depth articles

Advertisement

Primary Navigation