Out-Law / Your Daily Need-To-Know

Out-Law News 1 min. read

FSA conducting cyber security review of 30 major firms


The Financial Services Authority (FSA) is assessing the cyber security plans of 30 major financial firms.

Financial Secretary to the Treasury Greg Clark told the House of Commons on Monday that the review was taking place and that the results would be used to help improve standards of cyber security across the sector.

"The Treasury is working closely with the Bank of England and the Financial Services Authority, as well as with other Government Departments and agencies, to ensure that cyber risks are better understood and to promote cyber security in the finance sector," Clark said. "This includes a benchmarking programme, led by the FSA, to identify cyber and technology practices of 30 major financial institutions."

Clark said that the review, when finished, would lead to "the publication of an updated Business Continuity Management Practice Guide and discussion paper" to enable all financials services sector companies to "learn from the exercise".

"This will be in addition to exercises with the sector (including the 2011 market-wide exercise) to rehearse and enhance response arrangements to cyber threats," he added.

There has been increasing focus on cyber security issues facing the financial services sector as a result of some recent developments.

Earlier this month the European Commission published a draft Directive on network and information security that would require banks, stock exchanges and a range of other organisations to adhere to a number of outlined security measures in relation to their systems and notify regulators of cases where they experience "significant" cyber breaches.

Banks, credit card companies and other payment service providers are also among the companies that will be obliged to comply with new recommendations set out by the European Central Bank in relation to internet payments. The firms will be required to put in place multiple layers of security to make it harder for hackers to infiltrate internet payment systems.

A recent report by global information security firm Trustwave also highlighted that the retail sector was the most targeted sector of any for cyber attacks in the cases it investigated. The company said that hackers predominantly stole personal information and that there was an "established black market" for payment card data.

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.