Data from the Financial Conduct Authority (FCA) has revealed the cybersecurity challenges the financial sector faces.
According to a recent freedom of information request made to the FCA, the number of data breaches reported by the UK financial services sector jumped dramatically in 2018 soaring by 480% to 145 up from the 25 reported in 2017.
Tasked with handling large amounts of money the financial sector makes a natural target for cybercriminals. Attempts to prevent cybercrime cost the financial services sector more than firms in any other industry.
The financial impacts of a data breach can be huge for an organisation, and not just in terms of the sum stolen.
According to UK government data, the average cost of the worst cybersecurity breaches is now between £65,000 and £115,000, including the impact of cleaning affected systems.
As well as the immediate remedial costs an organisation will also likely suffer longer-term expenses. The most obvious of these extra costs comes in the form of legal action as affected customers may seek monetary compensation. Fines from governing bodies can also be given as was the case when Tesco Bank was fined £16.4 million by the FCA for its security failures during a breach in 2016.
The resulting damage to an organisation’s reputation can also lead to losses as customers and partners turn elsewhere to do their business. Data released last year shows that a third of businesses would cancel contracts with suppliers who are breached and their cybersecurity is found wanting.
The most obvious reason for the rise in the number of reported cyberattacks is the introduction of GDPR in 2018, which made the sector take notice. Under GDPR an organisation must report data breaches to the relevant supervisory authorities within 72 hours of becoming aware of it, where feasible.
Cybercrime is constantly evolving with new forms of malware and attack strategies being devised by the day and with automated hacking tools, any company without the cybersecurity basics in place will fall victim. It may seem overwhelming and the pressures on IT security teams and CISOs have never been higher.
However, there is a way Financial services can take control of their security.
CyberScore™ is an automated testing service that detects vulnerabilities in your organisation’s networks, allowing you to take control of your cybersecurity by providing empirical evidence via Get-Well plans and Patch reports. Also, if your organisation is yet to attain Cyber Essentials certification CyberScore will provide you with an overview of how your security stacks up against the scheme and whether you’re likely to pass or fail.
Financial services will always be a prime target for cybercriminals, but by taking control of their security they can flourish.