View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
December 1, 2015

Bank of England FSR: 5 cyber security points

List: The bank is emphasising the importance of a new approach to cyber security from the financial sector.

By Charlotte Henry

Alongside its stress test results, the Bank of England (BoE) has released its Financial Stability Report, which contains a chapter on cyber risk facing the UK in the financial sector.


Fear of the knock-on effect

Given the strategic importance of the financial sector, the BoE report says that it is not just concerned about the firms and individuals who are directly hit by cyber attacks, but that "a serious attack directly disrupts the critical economy functions performed by the financial sector".

It cites the 2013 attack on Korean ATMs and mobile banking as examples.


A change in approach to cyber risk

Given this strategic importance, the report says that the cyber risk should not just be regarded as a "narrow ‘technology’ issue" for banks, but should instead be seen as a "strategic priority". The BoE urges firms to "build their resilience" to cyber attacks, become able to recover quickly if they are attacked, and "ensure effective governance".


Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

CBEST testing

Then number of firms that have completed CBEST testing of core vulnerabilities has gone up from 5 in the July report to 10 now. Other banks are undergoing the process too. Nine are at the penultimate stage, threat intelligence and testing, while 12 are at the second phase, called scoping , and four are at the first stage, called pre-scoping.


Awareness is growing

Awareness and concern about cyber risks is growing in the sector. 45% of those who responded to the BoE Systemic Risk Survey now highlight cyber risk as "key concern".

This is up 15% from the first half of this year, and up from just 10% in H1 2014. 2015 is the only year since the comparison started in 2012 that concern about cyber attacks has outweighed concern about other operational risks. Concern about other operational risks was under a quarter in H2 this year.


Work ongoing until next Summer

This report is part of an ongoing process into improving the way the financial sector deals with cyber security. BoE, alongside the Financial Conduct Authority and the Treasury are reviewing the list of core firms that are critical to financial stability, defining a clear set of capabilities that will improve cyber resilience, and developing co-operation with authorities in other countries to tackle cyber risks.

The July 2015 set out these criterion, and the BoE Financial Policy Committee will receive a report on this by the Summer of 206.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.