JPMorgan’s Military-Style Cybersecurity Response

JPMorgan Chase is not taking cyberthreats lightly. On the contrary, it has chosen to respond to them with military-grade strength when it comes to staffing its new cybersecurity unit.

In June of last year, the company suffered a massive breach of its computer network where hackers stole the names, addresses, and email addresses of 83 million individuals and small businesses. As recourse, JPMorgan’s security chief James Cummings has implemented a comprehensive security operation with a focus on staffing it with ex-military officers, Bloomberg reported.

According to two sources that spoke to Bloomberg, Cummings and Gregory Rattray, JPMorgan’s chief information security officer — who, like Cummings, is a former Air Force Colonel — believe that the June 2014 breach constituted a matter of national security (JPMorgan spokeswoman Patricia Wexler said the company never concluded as such, according to the report). Early on in their investigation of the attack, sources also said the men strongly suspected that the Kremlin was responsible for it.

Rattray and Cummings petitioned the Federal Bureau of Investigation to acknowledge that the cyberattack was one serious and sophisticated enough to warrant consideration as having been state-sponsored, but the FBI declined their request, the report said.

“The evidence collected thus far points to it being a criminal actor and not a nation-state,” Ari Baranoff, assistant special agent in charge of the Secret Service’s Criminal Investigative Division, told Bloomberg.

Nevertheless, the Bloomberg report indicated that JPMorgan remains convinced that it faces threats from governments in China, Iran, and Russia, and is carrying its security business accordingly. It has even built a security service facility in Maryland near Fort Meade, home of the National Security Agency, for the specific purpose of drafting military talent into its ranks.



The pressure on banks to modernize their payments capabilities to support initiatives such as ISO 20022 and instant/real time payments has been exacerbated by the emergence of COVID-19 and the compelling need to quickly scale operations due to the rapid growth of contactless payments, and subsequent increase in digitization. Given this new normal, the need for agility and optimization across the payments processing value chain is imperative.

Click to comment