Financial services firms must focus on security, says FCA

Financial services firms are being urged to focus on security after figures from the Financial Conduct Authority (FCA) showed that cyber-attacks on firms in the sector increased by more than 80 per cent in 2017.

Speaking at the PIMFA Financial Crime Conference in London, FCA Head of Technology, Resilience and Cyber Robin Jones discussed the areas in which financial services firms need to boost security, with firms being urged to place more focus on staff training and raising awareness.

Significant

According to the FCA’s figures, the number of reported cyber incidents from financial services firms has increased over the past couple of years, rising to 69 last year from 38 in 2016 and 24 in 2015.

Discussing the attacks in his speech, Jones stated that more than 1,100 reported attacks have been recorded by the National Cyber Security Centre over the past 12 months, with 590 of these being considered significant and 30 needing action from the government, a number of which were in the financial services sector.

Jones added that financial services firms need to place more focus on improving their detection of attacks and becoming better at identifying critical assets such as data.

Complacency

RSM Technology Risk Assurance Director Jan Hameed commented: “One of the biggest risks facing financial services companies is complacency. Cyber-attacks will actively adapt to defensive controls. As the FCA highlights, individuals and criminal groups are developing tools and exploiting vulnerabilities on an industrial scale. Financial services firms need to ensure they always stay one step ahead.”