JP Morgan to invest £150 million on boosting cyber security

Fighting cyber crime is a ‘never-ending battle', says CEO Dimon

US bank JP Morgan has increased its budget for cyber security in reaction to an "unprecedented" threat faced in the past two years.

In a letter to shareholders last week, JP Morgan CEO Jamie Dimon said that the firm will spend close to $250 million (£149 million) on improving "cyber capabilities", up from $200 million the previous year.

"In our existing environment and at our company, cybersecurity attacks are becoming increasingly complex and more dangerous," said Dimon. "The threats are coming in not just from computer hackers trying to take over our systems and steal our data but also from highly coordinated external attacks both directly and via third-party systems."

Last year, the bank warned 465,000 customers using its prepaid cash cards that personal information may have been compromised, after it was targeted in a cyber attack. It has also been targeted by hacktivist groups such as the European Cyber Army and Martyr Izz ad-Din al-Qassam Cyber Fighters.

COO Matt Zames added in a separate letter that the number of attacks the bank has received from sophisticated criminals in recent years has been "unprecedented".

"Two years ago we saw a rise in 'denial of service' attacks aimed at disrupting the flow of financial transaction," he said.

"As the threats continue to grow and attacks continue to evolve, it's crucial that we evolve as well and focus on tomorrow's threats, as well as today's."

The investment in cyber security includes deployment of additional 'monitoring and protection' technology, as well as expanding the number of dedicated cybersecurity professional employed at the bank to a total of 600.

The bank will also build three 'state-of-the-art' Cyber Security Operations Centers at its regional headquarters to help coordinate responses to attacks. These will help pull together internal information from systems monitoring, combining with data from industry and government partners to offer a comprehensive view of threats.

JP Morgan's large IT estate includes 300,000 desktops, 58,000 servers in 32 data centres, with 26,000 data bases and 7,250 business applications. It also has nearly 30,000 programmers, app developers and other IT employees globally.

Join the CSO newsletter!

Error: Please check your email address.

Tags security

More about JP MorganMorgan

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Matthew Finnegan

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts