Financial Technology Research Centre founder, Ian McKenna, has warned that financial firms need to be taking their cyber security more seriously as the UK regulator is likely to become stricter on this matter.
In the US, the SEC (Securities and Exchange Commission) is becoming progressively more stringent with financial firms that fall victim to attacks by cyber criminals. The SEC announced in September that it had sanctioned eight firms for failing to sufficiently update and regulate their cybersecurity policies and processes. The SEC’s orders against each of the eight firms found that they violated ‘rule 30(a) of regulation S-P’ – also known as the ‘safeguards rule’ – designed to protect confidential customer information.
Some of the attacks that took place following the failures of financial firms have included email takeovers and the leaking of staff, company, and client personal information. Following a breach in the UK, the ISO can fine companies up to £17.5 million, or 4% of their annual turnover – whichever is greater!
Ian McKenna also added, “While some firms are clearly changing their practices, we still see activity regularly where firms simply are not taking cyber security sufficiently seriously.” McKenna made it clear that improvements and safeguards must be in place for financial firms, regardless of the size of the company.
It is no longer enough to simply update your processes and procedures. All businesses need to seriously consider the implications of cyber threats and of being penalised by the governing body for their sector if sufficient security measures are not in place.
Businesses should be proactive in their adoption of cyber security. By leaving it to chance or reactively responding to an attack, you are risking more than just personal data; your entire organisation could be on the line.