US bank JP Morgan has increased its budget for cyber security in reaction to an “unprecedented” threat faced in the past two years.
In a letter to shareholders last week, JP Morgan CEO Jamie Dimon said that the firm will spend close to $250 million (£149 million) on improving “cyber capabilities”, up from $200 million the previous year.
“In our existing environment and at our company, cybersecurity attacks are becoming increasingly complex and more dangerous,” said Dimon. “The threats are coming in not just from computer hackers trying to take over our systems and steal our data but also from highly coordinated external attacks both directly and via third-party systems.”
Last year, the bank warned 465,000 customers using its prepaid cash cards that personal information may have been compromised, after it was targeted in a cyber attack. It has also been targeted by hacktivist groups such as the European Cyber Army and Martyr Izz ad-Din al-Qassam Cyber Fighters.
COO Matt Zames added in a separate letter that the number of attacks the bank has received from sophisticated criminals in recent years has been “unprecedented”.
“Two years ago we saw a rise in ‘denial of service’ attacks aimed at disrupting the flow of financial transaction,” he said.
“As the threats continue to grow and attacks continue to evolve, it’s crucial that we evolve as well and focus on tomorrow’s threats, as well as today’s.”
The investment in cyber security includes deployment of additional ‘monitoring and protection’ technology, as well as expanding the number of dedicated cybersecurity professional employed at the bank to a total of 600.
The bank will also build three ‘state-of-the-art’ Cyber Security Operations Centers at its regional headquarters to help coordinate responses to attacks. These will help pull together internal information from systems monitoring, combining with data from industry and government partners to offer a comprehensive view of threats.
JP Morgan’s large IT estate includes 300,000 desktops, 58,000 servers in 32 data centres, with 26,000 data bases and 7,250 business applications. It also has nearly 30,000 programmers, app developers and other IT employees globally.