According to an analysis recently published by the Financial Conduct Authority (FCA), compiled on the basis of a survey on tech and cyber resilience, the number of cyber attacks and technology outages have almost doubled in the past year.
To be more precise the FCA reported an increase of 138% in technology outages, along with an 18% increase in terms of cyber incidents. “On the basis of the data that the FCA is currently collecting, we see no immediate end in sight to the escalation in tech and cyber incidents that are effecting UK financial services,” said Megan Butler, Executive Director of Supervision – Investment, Wholesale and Specialists at the FCA.
In the speech she delivered at Bloomberg, in London, she said to be deeply concerned with the substantial increase in technological incidents, coinciding with the first year where the number of debit card payments has surpassed the number of cash transactions. This is a particularly hot topic in the UK, after that a lot has been said in the past months, for example about the two major IT incidents happened to TSB, where with a computer failure 1.9 million people lose access to online banking services. Butler says that the FCA doesn’t expect zero-failure but believes that “The true test of the resilience of UK finance is not the absence of incidents. It’s how well incidents are managed.” With cyber security it is not seen just as technology risk, but as a human risk, considering that the danger can potentially have an impact on the customers.
According to the FCA survey most firms rank cyber resilience as their main concern but nearly half of those are not able to upgrade or retire their old IT systems in time, and just around half of the respondents say that they are able to measure the effectiveness of their information asset controls.
“We are seeing some serious vulnerabilities across areas like identification of key assets, information and detection. A third of firms do not perform regular cyber assessments. Most know where their data is. But describe it as a challenge to maintain that picture.” Butler said.
In addition to protecting their own assets and updating or replacing their old IT systems, it’s about third-party management as well as recruiting top IT professionals and properly educating their own staff that appear to be among the top challenges banks are facing right now on this matter.
There are many different reasons why banks fail to innovate and understand the potentialities offered by fintech. All in all, the issue it’s not just about cyber security, as traditional financial institutions seem to have serious problems to adapt and keep the pace of alternative finance newcomers.
If interested to learn more here you can download the full report prepared by the FCA: Cyber and Technology Resilience: Themes from cross-sector survey 2017 – 2018.