The Financial Conduct Authority (FCA) has carried out a review of cyber security understanding in the asset management and wholesale banking industries, finding that many companies still do not comprehend the impact of these risks, particularly on clients.
FCA Warns that Businesses Do Not Understand Risks Of Cyber Threats
Earlier last week (December 10th), the FCA revealed the results of its multi-firm study that looked at 20 businesses of varying sizes, geography, scale and operating models.
It wanted to determine how these companies managed their cyber security, what they believe the risks to be, and their capacity to deal with these quickly and efficiently.
A spokesperson for the FCA concluded: “Although Boards and Management Committees were more sensitive to the topic than in the past, most continue to have limited familiarity with the specific cyber risks their organisations face.”
The majority of Board members and non-IT senior management admitted they did not fully understand their company’s cyber-related risk profile, or the threats that their business faces.
As a result, the FCA warned companies to help all members of staff – particularly Board members and senior managers – to have a better appreciation for the online threats, instead of leaving it to the sole responsibility of their IT departments.
The spokesperson stated that while all the firms knew the need for good cyber security, there was a lack of understanding that poor protection “could affect business activities and lead to harm to clients and the wider markets”.
Indeed, Mark Oakton, Security Director at Infosec Partners, recently wrote in the company’s blog that Board members and other stewards of businesses need to ensure data security because they have a “responsibility to their customers, their intellectual property, and their shareholders” to do so.
To improve your business’ cyber security readiness, take a look at our managed security services here