The latest ‘systemic risk survey’ by the Bank of England found an increase in the number of respondents that cited cyber attack (51pc, five more percentage points) among the risks most challenging to manage. UK political risk was cited as the risk most challenging to manage, for the fifth time. Around 80pc of responses that cited UK political risk explicitly referred to the implications of Brexit.
The seven risks most frequently cited in the 2018 H1 survey were UK political risk (cited by 91pc of respondents); geopolitical risk (62pc); cyber attack (62pc); risks surrounding monetary or fiscal policy (32pc); risk of a UK economic downturn (26pc); risk of a global/overseas economic downturn (25pc); and risks around regulation or taxation (23pc).
Comments
Pete Banham, of Mimecast on cyber-risks said: “Legacy systems make it difficult for financial institutions to implement change, let alone embed new processes and technology to help with cybersecurity. This is where new, challenger financial brands can stand out from the crowd. The fact that Monzo was able to identify the Ticketmaster data breach early offers new hope for quickly identifying financial fraud and highlights the benefits of innovation.
“However impersonation fraud, particularly via email, continues to grow and remain dangerous no matter how up-to-date the technology. Cybercriminals rely on the inherent trust in email to launch attacks that wreak havoc for businesses across all industries. There is also a major supply chain risk, as attackers could use an employee as a stepping stone to launch impersonation attacks against a bank’s suppliers and corporate customers.
“More needs to be done ensure organisations, not just those in the financial sector, remain cyber resilient. This needs to span beyond security and look at continuity, remediation and recovery to ensure businesses can get back on their feet if something does get through. Accountability also shouldn’t be limited to the IT team. As every employee is a potential route into the business, ongoing education for all is critical.”
And Kirill Kasavchenko, Principle Security Technologist, NETSCOUT Arbor said: “With the UK’s financial stability at stake, it comes as no surprise that cyber attacks are seen as the second biggest risk after Brexit. Cybercrime is constantly proving as a lucrative source of revenue, particularly when it comes to money-rich and sensitive data-driven sectors like finance. To minimise this threat all organisations, particularly those in the financial services industry, must look to adapt a proactive stance, rather than wishing attacks away.
“As part of this, the cyber security community need to collaborate to cut cybercrime frequency, severity, and impact. Security threats cannot be mitigated by any single organisation alone. It requires better intelligence sharing and improved co-operation not only with law enforcement but also with the rest of industry.
“Sharing best threat detection and protection practices will allow a broader and deeper visibility of network traffic, threats and user behaviour. All companies can benefit from taking these steps to increase their security provisions.”
Background
The Systemic Risk Survey is a biannual survey that asks market participants about perceived risks to, and their confidence in, the stability of the UK financial system. The survey is generally completed by executives responsible for firms’ risk management or treasury functions. Visit https://www.bankofengland.co.uk/systemic-risk-survey/2018/2018-h1.
