Eddie Yue Wai-man, the HKMA’s CEO, said a major risk that has been identified is the use of third-party service providers. He said that firms depend heavily on big technology companies for computing power and the ability to deal with large data sets related to AI. If these major operators experience glitches, catastrophic results could radiate outward.
“If any of these few service providers suffer from IT failures or cyberattacks, the outcome could be very difficult to handle,” he said. “It’s like CrowdStrike 10 times bigger.”
“CrowdStrike is a wake-up call to say, all these security software and network monitoring tools that have a high level of privilege and access across our estate and to some extent, automatic software updates – how comfortable are we with that,” said Balbir Bakhshi, chief risk officer at the London Stock Exchange Group.
“There is an opportunity to do something different in this space through a more collaborative approach.”