That banks are under constant threat of cyberattack is well known – just last week PYMNTS reported on an international bank hack that robbed 100 banks worldwide of an estimated $900 million. Now Wall Street banks and the big law firms that serve them want to do something about it – together.
For the last year or so, the bankers and lawyers of Wall Street have discussed the creation of a legal group that would be affiliated with the Financial Services Information Sharing and Analysis Center, the main industry forum for sharing information about threats from online attackers, both entrepreneurial and state sponsored.
According to reporting in The New York Times, several people briefed on those discussions said they believe that just such a group will likely be created by the end of the 2015. A working group of about a dozen of Wall Street’s biggest banks – JPMorgan Chase, Bank of America, Goldman Sachs, Morgan Stanley, etc. – was the beginning of this dialog between banks and lawyers.
The F.S.-I.S.A.C. was designed to facilitate the sharing of threat information, and there is value in involving law firms,” said Anish Bhimani, the financial group’s chairman and a JPMorgan Chase managing director. “A lot of this started because the banks were individually talking to the law firms about security information and someone said, ‘This is ludicrous, let’s do it together.’ ”
Law firms have long been a concern when it comes to protecting consumer financial data because they are seen by criminals as the weak link in the security chain. Attacks on law firms often go unreported; banks are subject to data-breach reporting requirements because they are public companies, but law firms are private and don’t always (or even often) report.
Under the new system being discussed, law firms would set up an organization to share and analyze information. The network would also protect firm anonymity with regard to hackings and threats on computer networks. Law firms would additionally be provided access to some of the resources of the financial center.
Membership in the legal group would be voluntary, but it is expected that most large law firms and those that do regular business for a financial services firm will join.