September 13, 2016
The Central Bank of Ireland has warned that regulated financial firms here are not implementing “sufficiently robust” IT systems and controls and must increase their resilience to technology failures to “minimise the potential impact on their business, reputations and the wider financial system”.
In guidance published on Tuesday on IT and cyber security risks, the Central Bank said regulated firms should assume that they will be the subject of a “successful cyber-attack or business interruption”.
The regulator found that alignment between firms’ IT strategy and the overall business strategy was weak. “IT capabilities are not matched to the business ambitions,” it said.
The bank said firms were not taking a rounded view of IT risks across the business, which results in “poor identification, monitoring and mitigation of IT risks”.