The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

UK Sees Steep Jump in Cyber Attacks on Financial Services Firms

by Chris Brook on Wednesday July 3, 2019

Contact Us
Free Demo
Chat

According to a regulator, retail banks in the region took the biggest hit last year.

Financial service firms across the UK reported nearly 1000 cyber incidents to the region's Financial Conduct Authority in 2018, a significant jump from the year prior.

According to a Freedom of Information (FOI) request made by RSM, an international accountancy firm based in London, 819 cyber incidents were reported by financial services firms there last year. That’s a marked increase from 2017 when only 69 incidents were reported to the regulator.

While it operates independent of the UK Government, the Financial Conduct Authority oversees the conduct of 58,000 financial services firms and is the prudential regulator for over 18,000 of them; the service sustains by charging fees to members of the financial services industry.

Retail banks were the biggest victims of incidents according to RSM, with 486, more than half of the total, incidents. Wholesale financial markets, retail investments, retail lending, general insurance and protection, pensions and retirement income, and investment management outfits were responsible for the remaining incidents.

Not every incident was classified as a cyber-attack by the regulator; some were blamed on third party failure, hardware and software issues, human error, and process/control failure.

Of the incidents branded as a cyber-attack, perhaps unsurprisingly many were linked to phishing or credential compromises. Other attacks were triggered either by ransomware, what the regulator categorizes as malicious code, and distributed denial of service attacks.

The root causes of cyber incidents reported to the FCA

Root causeNumberPercentage
Third-party failure17421%
Hardware or software15719%
Change management14618%
Cyber attack9311%
TBC9311%
Human error476%
Process or control failure455%
Capacity management253%
External factors172%
Theft111%
Root cause not found111%
Total

819

 

 

It's possible that the numbers reflect an increased scrutiny in security and data breach reporting following last year's implementation of the General Data Protection Regulation.

The FCA not too long ago implemented its own requirements around data breach disclosure:

According to the FCA's SUP 15.3.1 general notification requirements, “A firm must notify the FCA immediately it becomes aware, or has information which reasonably suggests, that any of the following has occurred, may have occurred or may occur in the foreseeable future:

  • The firm failing to satisfy one or more of the threshold conditions; or
  • Any matter which could have a significant adverse impact on the firm's reputation; or
  • Any matter which could affect the firm's ability to continue to provide adequate services to its customers and which could result in serious detriment to a customer of the firm; or
  • Any matter in respect of the firm which could result in serious financial consequences to the UK financial system or to other firms.

Tags: Financial Services, Industry Insights

Recommended Resources


  • An overview of the FFIEC CAT
  • How to use the CAT to identify areas of risk
  • How Digital Guardian helps reduce these risks
  • A compliance timeline for all 18 provisions
  • Financial services case studies
  • How Digital Guardian can help

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.