Cybersecurity is ‘high priority’ for 60% of UK financial services

Cybersecurity has been propelled to the forefront of the public eye in recent years following some large-scale attacks, but recent data shows financial services are far more risk aware than some other industries.

Cyber-attacks and breaches were suffered by 2.9 million UK firms in 2016 which cost businesses an huge £29.1bn, according to research by Beaming, a telecoms firm.

A survey of 1,500 firms found that directors and senior management in finance and insurance are the most concerned about cybersecurity, with 60% classifying it as a very high priority, according to Savoy Stewart.

Hospitality and food directors and senior management are the least worried about cybersecurity – with only 15% considering it a very high priority.

The operations department of an organisation is the most likely (36%) to be hit by a cyber incident, another survey by networking hardware company Cisco found after consulting security professionals.

After operations, the most vulnerable areas of a business are:

  • Finance (30%)
  • Brand reputation (26%)
  • Customer retention (26%)
  • Intellectual property (24%)

With 83% of UK businesses now online, more and more companies are exposed.

While no organisation would want a cyber breach, figures show that nine out of 10 businesses don’t even have an incident management plan in the event of a cyber-attack/breach, according to Savoy Stewart.

This news comes weeks after the European Central Bank (ECB) announced its supervised banks will be forced to reveal any cybersecurity breaches as of this summer.

The announcement was made in June Sabine Lautenschlaeger, a member of the ECB’s executive board, but it is not yet clear what the penalty will be if a bank fails to notify the ECB about a significant breach.

US banks have stolen a march

American companies are already required to follow the procedure and US banks are known for having higher cybersecurity defences than their European counterparts.

Derek Taylor, compliance and regulatory consulting managing director at advisory firm Duff & Phelps, says that to date there is little cybersecurity legislation directed at European financial services firms.

“US banks have stolen a significant march on British and European firms when strengthening their cyber defences in the last year. US investment in cyber defence strategies has largely been driven by recent regulatory developments across the pond,” said Taylor.

Sonia Blizzard, Beaming managing director, says: “Large organisations are more likely to become a victim of cybercrime due to being more valuable targets and because employees are often the weakest link in the cybersecurity chain.

“They are also more resilient as they have resources to aid their recovery. Successful cyberattacks on smaller businesses are less frequent but cause disproportionately more harm. It is encouraging that small businesses are taking the threat more seriously and investing in their cyber defences, as a single attack could potentially break them,” she adds.

85 views

Related reading