Abdul Aziz Al Ghurair Image Credit: Gulf News Archive

Dubai: The UAE Banks Federation (UBF), the professional representative body of banking industry comprising 48-member banks operating in the UAE, on Thursday launched its first Information Sharing and Analysis Centre (ISAC) in the UAE.

The centre is powered by Anomali, provider of threat intelligence platforms. It will initially bring together 13 banks’ cyber security data in Anomali’s ThreatStream platform. This will aggregate, correlate, and analyse threat data from multiple sources in real-time to support defensive actions.

“We are proud to bring the 2017 Cyber Threat Intelligence Initiative into implementation; our partnership with Anomali to build this platform will allow banks to get equipped with the tools and intelligence to better identify, protect, detect and respond to cyber-attacks. It will help to establish the importance and value of seamlessly collecting, sharing and analysing data, while allowing for anonymous reporting. Together, we can then reduce sensitive data exposure and make more informed decisions and investment strategies,” said Abdul Aziz Al Ghurair, chairman of UBF.

The launch of ISAC comes at a time when financial institutions around are facing cyber security threats. A recent survey of more than 800 representatives from financial institutions worldwide found that a cyber security incident involving a bank’s online banking services costs the organisation $1.75 million (Dh6.43 million) on average. That’s twice the cost of recovering from a malware incident, which average $825,000.

The survey, conducted by Kaspersky Lab and B2B International, found that 61 per cent of cyber security incidents affecting online banking come with additional costs such as data loss, loss of brand reputation, and confidential information being leaked.

The UAE is the second most targeted country in the Middle East for ‘ransomware’ attacks, in which cyber criminals steal and encrypt files until a ransom is paid, according to internet Security Threat Report from security-giant Symantec published earlier this year.

According to Symantec, ransomware attacks are continuing to escalate worldwide as they provide a lucrative business for criminals. In the Middle East and Africa, the UAE was the second most targeted country for ransomware attacks, behind Saudi Arabia, and ranked 26th worldwide.

The new UBF-ISAC lays the foundations for enhancing the understanding of threat intelligence, showcase the value of collaboration, and provide ongoing training. Founding members include HSBC, CBD, ADCB, Barclays, CBI, Citibank, ENBD, FAB, Mashreq, Noorbank, SCB, ADIB, and NBF. Professional body UBF and the ISAC are set to grow in a phased approach to encompass all of UBF’s member banks.

The ISAC is powered by Anomali’s ThreatStream platform that helps to order and interpret threat data available to organisations from internal and third-party sources. It aggregates threat intelligence, enriches and dedupes it, removes false positives, and builds clusters of relating information. As well as streamlining threat information sharing and collaboration, the ISAC will enable members to apply context to intelligence, where breach details shared quickly could mean the difference in someone else being attacked.

UBF and Anomali has plans to expand the reach of ISAC across financial services industry. “Once we have full coverage of the banking sector, we intend to include others in the financial services businesses such as Insurance companies, financial centers such as Dubai International Financial Centre, Abu Dhabi Global markets and local and foreign institutions operating from these centers,” said Al Ghurair.

Going a step further, UBF has plans to invite government related entities and public and private institutions that need intelligence sharing on cyber threats.

“The UAE is the financial services hub for the Middle East and it’s essential that it takes the lead in embracing threat intelligence sharing,” commented Jamie Stone, VP EMEA at Anomali. “The Middle East has seen a sharp uptick in cyber-attacks recently, so the adoption of new, technologically advanced processes is paramount and sharing intelligence bolsters defences exponentially.