Securing Financial Institutions requires careful forethought and planning
High-risk threats may appear in either a physical or cyber capacity
The number of targeted cyber-crimes recorded (including fraud and malware) against the financial services industry has reached an all-time high in recent years, leaving financial institutions employing dozens of online tools to protect enterprises’ and consumers’ most critical and private data. But this leads to question, what measures are there to security of the operations of these institutions whilst attention is diverted online?
As the UK social situation continues to be tremulous, mitigating risk to property housing the financial services has become a much larger, encompassing task. Whilst physical robberies on commercial banks may be as rare as the Jane Austen five-pound banknote, incidents do continue to occur and with reports noting an influx of ballistic weapons into the UK, this now poses a unique threat. Individuals and enterprises are also demanding more. Previously, the risk of apprehension faced by criminals outweighed the potential reward but as motives change from greed to grievance, a financial breach will have implications beyond that of monetary loss.
Regarding the physical security of financial institutions, it is important to remember there is no one solution. A risk to the financial services organisation can appear in many different forms, whether it is intellectual property theft or internal sabotage, but ensuring against violent crime ensures contingencies are in place should an incident happen. By focusing our attention on the properties’ physical threats, the potential methods of attack can be categorised and efficiently defended against.
Download our guide on how to assess which security rating you need
Due to the very nature of data collected by financial institutions, there are heavy and definitive regulations in place covering every element of security, including how to approach standarisation.
Financial data (including personal finance records, company financials and industry knowledge) can be extremely valuable when made available to the wrong party, therefore the standard of security is of critical importance. For example, the London property market is experiencing an influx of foreign investors that from an economic perspective, benefiting both industry and the country.
If a new investor received news that their large financial institution, their bank, had failed to protect itself from a data breach, the investor may rethink the business opportunity and reputation of the UK financial industry would take a massive blow. This is worst case scenario, but necessary to consider on initial assessment due to the very possible consequences.
Once the threat has been categorised, the physical risk must be determined for the most effective solution to be integrated within the building’s architectural structure.
Similar to the understanding with cyber security that the better quality and higher quantity firewalls there are in place to protect a server, the physical measures a project specifies must be effective in protecting the building from numerous attack methods. As it very unlikely for an opportunist criminal to attempt a robbery, the style of attack financial institutions are at risk from sophisticated, as will the tools be.
Common challenges when securing financial institutions
Possibly the sector most dependent on cyber-security and online protection software, there is very little worth protecting a building against an attack that can be accomplished without any physical risk. Physical security measures must intelligently integrate all elements of the security matrix. Essentially, one element cannot work without the other.
Securing a financial services premises against manual Bodily Force is a straightforward procedure, however, if the staff are untrained in what to do should the intruder attack building use to their advantage Power Tools, Ballistic or Blast then the building cannot be considered secure. Again, all the training made available to staff will not protect from a vehicle ramming the building. There must an even approach to all elements for any of them to work effectively.
Hardware technology has come on in leaps and bounds alongside the development of software. Critical for financial institutions is the protection of their data in raw format. Server rooms and Data Centres within facilities that serve the financial services must have additional measures. This can include restricted access for high-security level personnel only as it will be this area of the building the sophisticated attackers will know to be where the most important information is held.
The most common problem risk managers and Security Professionals face when securing properties such as financial institutions are that the property type will not accommodate for the physical security measures necessary – either in the structural engineering or in style. Though the style is less relevant, there are still restrictions in terms of UK building regulations, but there must also be a consideration for kerb appeal and understating how a serious a risk there is to the staff and public. Charter Global offer a unique catalogue of solutions to accommodate are property type, risk profile and client requirements.