Cyber Security Report 2020

SIX have released an in-depth look into the state of cybersecurity in the financial services industry, focusing on emerging threats and what the industry can do to combat them.

Cybercrime is considered one of the most important operational risks in the financial industry. When it comes to cyber security, there must not be any distinction between large and small or bank and insurance.

Overall findings

The financial sector is an attractive target for cyberactors, given the potential access to financial assets and highly sensitive client data. Due to these factors, the financial sector is targeted by many types of cyberactors, from hacktivists with little capabilities, to opportunistic attackers leveraging malware bought in underground forums, to highly sophisticated state-sponsored actors. At the same time, the attack surface of financial institutions continuously increases, due to a larger need for digitisation and demand for online services. These developments, which were observed in previous years, were further accelerated and exacerbated by the onset of the COVID-19 pandemic. Within weeks, organisations shifted to remote working and customers relied more than ever on online banking applications, creating new targets for malicious cyberactors.

SIX figure 1.PNG

Detailed Results: United Kingdom

London is a financial hub in Europe, with the largest European stock exchange, the largest bank in Europe (HSBC Holdings), and three UK banks out of Europe’s top ten largest banks. The financial sector of the UK is regulated by the Prudential Regulation Authority (PRA) and in terms of cyber security the UK is ranked in first place internationally by ITU, due in large part to strong performance in the ITU’s organisational and regulatory pillars. According to a recent survey by the UK government, the financial sector identified cyber security as a very high priority. Additionally, the lowest ratio of cyber incidents to breaches was recorded in the UK, potentially indicating a high capability in mitigating attacks. However, the highest recorded total loss by one organisation was recorded by a UK financial services firm, which amounted to EUR 94 million.

SIX figure 2.PNG

Access the full report here

This site uses cookies to improve your online experience, measure traffic to this website, and allow you to share content on social media. By clicking ACCEPT, you are agreeing to Istari's and their partners' use of cookies. For more information, or to change your cookie preferences at any time, visit Istari's Cookies Policy.