The payments industry suggests combined approach to tackle growing cyber threat

By Gaia Lamperti

Payments 20, the leading voice of the global payments industry, has collaborated with some of the largest payment firms and law enforcement organisations to develop a standard approach that will help firms defend themselves against the growing, global cyber threat.

The uncertainty and disruption caused by the Covid-19 pandemic have presented cybercriminals with a wealth of opportunities to attack. Since March 2020, cybercrime has rocketed, with 74% of banks experiencing a rise in cyber-attacks and 3 out of 4 financial institutions worrying about the historic rise in criminal activity and what will happen going forward.

So, the advocacy group in collaboration with organisations such as American Express, Elavon, Hogan Lovells, J.P. Morgan Chase, the UK National Cyber Security Centre, and the New York State Department of Financial Services, worked on a recently published new report entitled “20 Best Practice Recommendations for Improved Cyber Security Protection.”

“As businesses across the globe embraced remote working and shifted operations online, the state-sponsored and professional criminal gangs exploited the weaknesses of security apparatus and the fears of individuals,” Duncan Sandys, Chief Executive Officer at Payments 20, said.

Aimed at non-cyber professionals, the report emphasises the urgency of implementing more efficient and comprehensive cybersecurity frameworks in response to the increasing capabilities of cybercriminals, scammers, and other nefarious actors increasing their activities since the beginning of the Covid-19 pandemic.

“At P20, we believe everyone has a part to play in protecting their organisation and its reputation against this threat. This is why we joined forces with leading financial institutions, cyber security experts, and government officials to compile standardised, easy to implement actions for non-cyber experts which will go a long way in strengthening their organisations’ defences and protecting their customers,” Sandys commented.

The best practice actions developed in Payments 20’s report cover five areas:

• Network security
• Data handling
• Employee awareness
• Actions before a cyber-attack occurs
• Actions immediately after a cyber-attack occurs

The cyber security problem represents a serious systemic threat to the global financial system, a sentiment echoed by Chairman of the Federal Reserve Jerome Powell, who in April 2021 said he worried that a cyber-attack may result in the next great financial crisis. This highlights the need to a collective global, standardised approach towards counteracting the threat.

Paul Maddinson, Director for National Resilience & Strategy at the UK National Cyber Security Centre (NCSC), said: “There are several things that we recommend for small organizations to get those basics right. One is about backing up data and making sure you’re doing that properly. The second is using passwords appropriately. The third is keeping your devices updated and making sure that the software is patched. The fourth is putting some protections in place against malware and then trying to avoid phishing attacks through email and how your staff respond.” 

The publication of the report comes ahead of Payment 20’s annual Global Payment Conference, taking place on 28-29 September 2021 where cybersecurity will be a key talking point. The conference will bring together hundreds of industry leaders, politicians, government officials, regulators, thought leaders, and others to highlight trends, debate priorities, and shape the industry’s future.