The latest resilience news from around the world

FCA surveys cyber and technology resilience in UK financial firms

The UK Financial Conduct Authority (FCA) has published the results of a survey of 296 financial sector firms which assessed their technology and cyber resilience capabilities. The results, released in the report 'Cyber and Technology Resilience: Themes from cross-sector survey 2017 - 2018', identify areas of strength and those for improvement.

Key findings include:

  • Cyber attacks show no sign of decreasing in volume. They accounted for 18 percent of the operational incidents reported to the FCA between October 2017 and September 2018.
  • Technology outages in the financial services sector are becoming more frequent and publicised. The number of incidents reported to the FCA has increased by 138 percent in the past year. Some firms are still relying on ageing IT systems.
  • Most firms rank cyber resilience as their top concern. Firms’ responses highlight cyber weaknesses in three areas: people, third party management, and protecting their key assets. Nearly 80 percent of respondents struggle to maintain a view of what information they hold and of their third parties. Firms also identified challenges in identifying and managing their high-risk staff and then educating those employees with access to critical systems or sensitive data, who are more likely to be targeted by cyber criminals.
  • Failed IT changes caused 20 percent of the operational incidents reported to the FCA between October 2017 and September 2018.
  • Third party issues, such as an IT failure at an important supplier, accounted for 15 percent of the operational incidents reported to the FCA (the second highest root cause). This demonstrates how increasingly important third parties are to firms and their customers, and the need to manage them effectively to prevent disruption.

Read the report (PDF).



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.