The Bank of England (BoE) and the Financial Conduct Authority (FCA) have given the UK finance sector three months to explain how they can avoid damaging IT breakdowns and respond to the growing threat of cyber attacks.
The move comes just over a week after a Bank of England report in which cyber attack was cited as a risk by 62% of respondents to the biannual survey from the UK financial services regulator.
Although Brexit was seen as the biggest risk, more than half (51%) of respondents that said cyber security is the most challenging risk to manage. “Firms have primary responsibility for their ability to resist and recover from cyber attack,” the BoE report said.
If financial sector firms fail to demonstrate adequate backup plans by the deadline, regulators could require them to increase investment in making their systems more resilient.
The FCA and the BoE emphasised that responsibility for ensuring the resilience of financial firms sits with senior management, who will be held accountable in the event of prolonged disruption.
Leo Taddeo, chief information security officer at security firm Cyxtera and former FBI special agent, said there are some “good…
