Cyber resilience

With email being the largest single attack vector on the planet, keeping your organisation secure and productive is of utmost importance. So, what does that mean?

Cyber Strategy …
includes implementing technology and best practices to secure your infrastructure and prevent hackers from gaining access. 

Cyber security …
is the state or process of protecting and recovering networks, devices, and programs from any type of cyberattack. 

Cyber resilience …
is your firm’s ability to withstand, respond to, and recover from a cyber-attack or data breach. For obvious reasons, the cyber resilience of regulated firms of all sizes is a concern for the FCA.

Cyber resilience is an evolving perspective that is rapidly gaining recognition. The concept essentially brings the areas of information security, business continuity and resilience together. Resilience is more than just preventing or responding to an attack—it also takes into account the ability to operate during such an event, and to adapt to and recover from it.

So why is this important? Email attacks are on the rise, with the danger areas including:

  • Internal email threats and data leaks from infected email attachments;
  • Ransomware;
  • Phishing (the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers);
  • Spoofing of business partners or vendors;
  • Impersonation attacks.

There are some basics that firms should adopt:

  • Secure your Internet connection using a firewall;
  • Secure your devices and software using the most secure settings and passwords;
  • Control access to your data and services – staff accounts should have just enough access to software, settings, online services and device connectivity functions for them to perform their role. Permissions should only be given to those who need them;
  • Use encryption;
  • Protect from viruses and other malware (malicious software) – anti-malware is often included for free within popular operating systems. These should be used on all computers and laptops;
    • Whitelisting can also be used to prevent users installing and running applications that may contain malware – the process involves an administrator creating a list of applications that are allowed to be installed. Any application not on the list will be blocked from being installed;
    • Sandboxing – a sandboxed application is run in an isolated environment with very restricted access to the rest of the device and networks, ensuring files and other applications are kept beyond the reach of malware;
  • Keep your devices and software up to date – manufacturers and developers release regular updates which not only add new features, but also fix any security vulnerabilities that have been discovered. Applying these updates (a process known as patching) is one of the most important things you can do to improve security – set to ‘automatically update’ wherever this is an option;
  • Manage your third-party suppliers – ensure that cyber security and legal language are added to any contract with the right to audit – remember you cannot transfer the responsibility so robust due diligence is essential;
  • Use good detection systems and establish an effective monitoring regime.

Important Note: ATEB news is intended to provide general information ONLY. The content, including any views expressed or guidance provided, does not replace the need to comply fully with FCA Rules and Guidance. Unless you have discussed news article content with ATEB, and specifically how it relates to your circumstances, then ATEB disclaims all liability and responsibility and actions arising from any reliance placed upon it. For the avoidance of doubt therefore, any reliance you place on such information without our consultation is at your own risk.

Our View

Firms should ensure they have good governance in place. Governance enables an organisation to control, direct and communicate their cyber-security risk management activities. Firms should:

  • Put cyber risk on the executive agenda and ensure that good quality MI is in place;
  • Understand who could target your firm, why and how;
  • Ensure the firm has an adaptable cyber resilience strategy in place – attackers adapt constantly in their techniques and your plan needs to do the same in terms of techniques, technologies and people;
  • Ensure a continuity plan is in place that allows you to keep running without a hitch (other than that fire in the background your teams are diligently working to extinguish);
  • Invest in training – this should be engaging and delivered persistently over time, concentrating heavily on helping employees to recognise and avoid email-borne attacks.

Action Required By You

We recommend that firms consider what cyber resilience measures they already have in place, whether they are adequate and how they might be improved.

Firms should be ready to respond and recover in the event of an incident. We would therefore suggest that firms create scenario-led exercises to test the effectiveness of cyber defences.

Further guidance can be obtained via the National Cyber Security Centre (NCSC).

About the Author

Technical Manager - Often referred to as the Oracle or the Sage, Alistair has a wealth of financial services experience. He is our go-to Technical Manager and enjoys nothing more than a complicated conundrum. Feel free to test his renowned knowledge by getting in touch.