in Security

Cyber incidents reported to the FCA up over 50%

Posted 29 March 2022 · Add Comment

The pioneer of Breach and Attack Simulation (BAS), Picus Security, today released a report revealing a large rise in cyber incidents reported to the UK's Financial Conduct Authority (FCA).

Image copyright Shutterstock

The report, based on FCA data obtained via a Freedom of Information (FOI) request, reveals that:

  • The FCA received 116 reports of material cyber security incidents in 2021, up from 76 in 2020 (an increase of 52%).
  • 65% of cyber incidents reported in 2021 (75) were due to cyber-attacks.
  • Approximately one third of incident reports (37) contained notifications where the confidentiality of company or personal data may have been compromised or breached.
  • One in five incidents reported to the FCA in 2021 involved ransomware.
  • 21 cyber incidents were reported to the FCA in March 2021 – the most submitted in any month that year and coinciding with the disclosure of critical vulnerabilities in Microsoft Exchange Server.

"Financial services firms are amongst the best prepared and most highly capable organisations at detecting and responding to cyber incidents," said Dr Suleyman Ozarslan, Picus Security co-founder and VP of Picus Labs. "Yet, despite investing heavily in security and data protection, it's clear that many continue to experience challenges in these areas.

"The large rise in cyber incidents reported to the FCA in 2021 is a concerning trend and should serve as an important reminder to all firms about the need to make ongoing improvements in all areas of security. This is necessary to not only mitigate the risks posed by external threats but also those which arise due to IT failures and human error."

Digital transformation in the financial services sector, including widespread adoption of remote working, means that many firms over the last few years have had to adjust their security and data protection practices. On top of this, they have had to contend with being a target of Advanced Persistent Threats groups and ransomware operators, as well as manage the risks of critical vulnerabilities in widely used systems such as Microsoft Exchange Server.

"Defending financial institutions against all the threats they face remains a tough challenge, made even harder by the growing attack surface," Ozarslan added. "Only by validating security capabilities on a continuous basis can firms hope to measure their threat readiness more accurately and swiftly close the gaps needed to take their operational resilience to the next level."




* required field

Post a comment

Other Stories
Latest News

Serco acquires Sapienza

Serco Group plc has entered into an agreement to acquire Sapienza Group, from TP Group plc, to expand its offering to the European space sector.

Menzies Aviation renews Air Canada contract at Heathrow

Menzies Aviation today announced it has renewed a significant ground services contract with Air Canada at Heathrow Airport (LHR) and won new business at Copenhagen Airport (CPH).

Views sought to boost security of UK data centres and cloud services

Looking to strengthen security and resilience of UK’s data infrastructure to protect against outages and national security threats, the Government has announced it is seeking views on how to boost the security and resilience of

UK Government to host AFF22 onboard HMS Prince of Wales in New York

On 28th-29th September, the UK Government will host the Atlantic Future Forum (AFF22) on the aircraft carrier HMS Prince of Wales in New York, bringing together senior politicians, policymakers, military leaders, academia, business

Stay ahead of the airplane

Neil Ballinger, head of EMEA at EU Automation, looks at ways of stepping up to the challenges currently facing aerospace supply chains.

Airbus launches UK ZEDC

Airbus is strengthening its presence in the UK with the launch of a Zero Emission Development Centre (ZEDC) for hydrogen technologies, to be based in Filton, Bristol.

ODU SK0105310522
See us at
Future Arm Vehicles Power Systems BTDVD BT2704220922Future Armoured Vehicles Weapon Systems BTAdvanced Engin BT2504031122Future Arm Vehicles Active Protection Systems BT