Financial services firms reported 819 cyber incidents to the Financial Conduct Authority (FCA) in 2018, up from just 69 incidents in 2017, according to data obtained under the Freedom of Information Act by audit, tax and consulting firm RSM.
Retail banks were responsible for the greatest number of reports (486), accounting for almost 60% of the total. This was followed by wholesale financial markets on 115 reports and retail investment firms on 53.
The incidents were attributed mainly to third party failure (21%), hardware and software issues (19%) and change management (18%), with cyber attacks cited in only 11% of cases. Human error and process or control failure accounted for 6% and 5% of incidents respectively.
The FCA has recently warned of a significant rise in service outages and cyber attacks affecting financial services firms. It has also called on regulated firms to develop greater cyber resilience to prevent attacks and better operational resilience to recover from disruptions.
According to the FoI data obtained by RSM, there were 93 cyber attacks reported in 2018. Over half of these were phishing attacks, while 20% were ransomware attacks. Malware was cited in…