Financial institutions need to put cybersecurity at the top of their agenda, according to a new report titled Cyber and the City.
Writing in one of the forewords, Mark Weil, CEO of Marsh Ltd and chair of the of TheCityUK Cyber Taskforce, said that this isn’t currently the case.
He explained that cyber vulnerabilities tend not to be a key consideration of leaders in the financial and professional services sector.
Usually, this important matter is “handled by specialists”. While this is reassuring, it nevertheless needs to be centralized.
“Outside of a very few firms, we do not yet see cyber getting the attention it needs from business leaders.”
“Outside of a very few firms, we do not yet see cyber getting the attention it needs from business leaders,” Mr Weil said.
“We seek to build on the progress already made, to give the leaders of financial institutions a basis for staying ahead of the criminals.”
The paper highlighted why the financial sector, which includes banks, insurers and asset managers to name a few, is such a target.
“It has the data and money to attract criminals, the public profile to attract hacktivists and the criticality to the economy to attract terrorists and hostile states,” it noted.
As such, any serious attack can have serious repercussions not just on, for example, a bank, but its customers, the sector and the wider economy.
When it comes to cyberattack responsiveness, the authors of the report found that many firms understand that a very real threat exists.
Accordingly, they have taken appropriate measures to bolster their security. However, there is still a lot of work to be done.
For example, the study showed that cybersecurity is not being “treated in a rigorous way”.
In other words, many firms have yet to establish an approach for handling specific vulnerabilities, suggesting a more generalised approach to security.