The number of cyber attacks reported to the FCA rose by a staggering 80% in 2017, according to RSM UK.
Financial services firms are being urged to take action after the regulator was informed of 69 material attacks last year. That’s up from 38 cyber incidents in 2016 and 24 in 2015.
RSM added that the National Cyber Security Centre catalogued over 1,100 reported attacks throughout 2017, with only 30 of those requiring action by government bodies.
Jan Hameed, a technology risk assurance director at RSM, suggested some firms may be choosing not to report attacks because they are afraid of reputational damage.
“Failure to detect and/or refusing to report incidents is very risky and short-sighted as it is counterproductive to exposing and addressing systemic weaknesses,” he warned. “Financial services firms need to ensure they always stay one step ahead.”
When must I report an incident?
Regulated financial services companies are obliged to report material cyber incidents to the FCA if they either:
- Lead to a significant loss of data, or the availability or control of IT systems
- Affect a large number of customers
- Result in unauthorised access to information and communications systems
What constitutes a cyber attack?
It’s not just financial services businesses which could experience a hack. Sophisticated methods including phishing emails, malware and spyware, can be used to gain access to any business’s computer equipment, before stealing money, private customer information or other sensitive data.
Even if your business does not operate in a regulated environment, protecting yourself from the mounting costs of a cyber attack is vital.
Cyber Liability Insurance can help with the costs of investigating, stopping and recovering from a hack or data breach. Get in touch with the friendly team at Jane Chewins to find out how you could benefit from this essential business cover.