Troels Oerting has a problem. As the group chief security officer for Barclays, he has a squad of elite ex-government agents patrolling the company's digital perimeter. He also has a hefty budget to acquire state-of-the-art technology to protect Britain's second-biggest bank from cyber attacks.
But Oerting, with no small dose of grudging admiration, says his adversaries excel at something that can't be addressed with deep pockets or killer software: They're superb networkers. "The organised crime groups in cyber are sharing much better than we are at the moment," says Oerting, a Dane with a square jaw and the watchful eyes of a cop who's investigated the underworld for 35 years. "They are sharing methodologies, knowledge, tools, practices - what works and what doesn't."
Now he and his counterparts at other big banks are doing some networking of their own. Oerting, who led the European Cybercrime Centre in The Hague before joining Barclays in 2015, has assigned some of his people to join allies from four other big UK banks at an operations centre in London's Canary Wharf complex. They sit side by side with police officers from the UK National Cyber Crime Unit.
The idea is that this industry-government "fusion cell," the Cyber Defense Alliance, will let the sleuths swap tips, techniques, and hunches the same way the bad guys do. "To do this right, you need to have trust," Oerting says. "If I give information to another bank about my breaches, I don't want to see this on the front page of the newspaper the next day."
The effort, the first of its kind in the UK, mirrors a similar initiative in the US called the National Cyber-Forensics and Training Alliance, a nonprofit in Pittsburgh that brings together academics, corporate security executives, intelligence operatives, and law enforcement officials. Barclays has also installed an analyst at Interpol's cyber investigations unit in Singapore.
Joining forces marks a big change for institutions long reluctant to share information about their IT systems, let alone how they're compromised. They've decided they better reboot that mindset fast if they want to counter the online onslaught assailing their walls. In the second quarter of this year, cybercriminals tried to inject more than one million malware programmes into financial companies worldwide, a 50 per cent jump from the same period in 2015, according to Kaspersky Lab, a global cybersecurity company.
J P Morgan Chase, HSBC and the Federal Reserve Bank of New York have all been cyberjacked in some way in the past couple of years. So has Swift, the cross-border payments messaging network that constitutes the global economy's circulatory system. No surprise, then, that banks are throwing a lot of treasure at the problem. J P Morgan Chief Executive Officer Jamie Dimon said in September that he expected the bank's $600-million annual outlay on IT security to soar to $1 billion in the next few years.