Big Banks Form New Group to Combat Cyber Threats

Photographer: SeongJoon Cho (Bloomberg)

In a sign of that cyber threats continue to pose a vexing problem, eight large U.S. banks are forming a new group to share information.

The new cyber sharing group — which comes after thousands of banks formed a group earlier — will include Goldman Sachs, Morgan Stanley, Bank of America, J.P. Morgan Chase, State Street, Bank of New York Mellon, Wells Fargo and Citigroup, according to the Wall Street Journal.

From the WSJ article:

While still in its early stages, the big banks expect the group members will share more information with each other about threats, prepare comprehensive responses for when attacks occur and conduct war games designed for the issues facing the biggest institutions.

The big banks are currently part of a wider group of banks that looks to share information about cyberrisks. But with 7,000 members, the biggest banks felt they needed an outlet that reflected the fact they are more likely to be targets of hackers than their smaller brethren and have more complex systems, according to people familiar with the matter.

The financial-services industry ranked third in number of cyberattacks last year, after health care and manufacturing, according to a U.S. cybersecurity report released by IBM Corp. in May. Two years ago, J.P. Morgan, the largest U.S. bank by assets, was targeted by cybercriminals in a breach that exposed names, addresses and other information of 76 million customer households, although no money was taken.

The move comes after hackers, perhaps connected to Russian authorities, hacked the Democratic National Party’s servers, and banks feel increasingly vulnerable.

“JP Morgan is going to spend a half-billion dollars on security this year, and we still feel challenged,” Andy Cadel, general counsel, IP and data protection for J.P. Morgan Chase said this January.

In March 2015, an internal Citigroup report leaked and it pointed to banks as a weak link in the cyber security defense network, citing the fact that few law firms ever disclose a breach.

Following banks’ lead in creating a cyber threat sharing information, last August, law firms created the Legal Services Information Sharing and Analysis Organization.

The current threat climate is already changing the legal landscape. For instance, in late June, Stacy Phillips, a leading divorce attorney for Hollywood celebrities joined Blank Rome, saying that she wanted to focus on her practice, and not have to worry about hackers.

“I wasn’t sleeping at night because I was worried about cybersecurity,” Phillips told us.