UK financial services firms' biggest cybersecurity challenge = COMPLYING WITH REGULATIONS!!

According to new research by Bridewell Consulting,

• Complying with regulations is the most significant cybersecurity challenge for UK financial services firms.

Nearly half (44%) of financial services organisations surveyed

• Cited compliance as one of the top five cyber challenges they currently face.

This was followed by

• Data protection and privacy (39%),
• Supporting remote and hybrid working (39%),
• Protecting critical assets (37%) and
• Managing cloud cybersecurity (35%).

The findings follow the EU’s Digital Operational Resilience Act (DORA) legislation, which will become effective in January 2025.

• https://www.infosecurity-magazine.com/news/dora-financial-firms-compliance/

The regulation, which aims to improve cyber resilience in the financial sector, will apply to UK organisations that operate in the EU.

• https://www.infosecurity-magazine.com/news/dora-compliance-costs-soar/

There are also significant compliance requirements from financial industry associations, such as the UK’s Financial Conduct Authority (FCA).

• This body announced new rules covering the security of third-party providers in January 2025.

Sam Thornton, COO at Bridewell, commented:

• “This research reinforces the importance of financial service organisations building true cyber resilience and that regulation is no longer just a tick-box compliance issue,
• It is one of the primary drivers of cybersecurity maturity across the sector –
• Closely coupled with an established and embedded risk management approach.”

SUPPLY CHAIN ATTACKS REQUIRE LONGEST RESPONSE

The report found that SUPPLY CHAIN ATTACKS are the most challenging to mitigate,

• The average response time for these incidents is nearly 16 hours.
• Data theft or disclosure took the second longest to respond to, at 11 hours.
• Physical security breaches (8.6 hours),
• Malware (7.6 hours),
• Ransomware (6.71 hours) and
• DDoS (6 hours).

Supply chain risks are often particularly challenging to manage in the financial sector due to the complexity of internal systems and the vast volume of software suppliers and interfacing partner organisations.

• Read now: Third-Party Risk Management Failures Expose UK Finance Sector –
• https://www.infosecurity-magazine.com/news/third-party-risk-failures-uk/

COUNTRY RISK

Concerns over nation-state attacks were high for financial firms, with a large proportion expressing fear of threats from

• Russia (70%),
• Iran (69%) and
• China (57%).

USE OF AI CYBERSECURITY SOLUTIONS

FINANCIAL SERVICES FIRMS SURVEYED REVEALED THEY ARE USING

• (33%) of automated incident response solutions.
• (31%) is deploying chatbots and AI assistants to support their security functions.
• (22%) use AI-powered threat intelligence platforms and secure access service edge technology.

REGARDING THREAT ACTOR USE OF AI,

• Phishing attacks powered by AI were considered the most significant threat (89%),

followed by

• AI-powered botnets (81%),
• Automated hacking (80%),
• Data poisoning (80%) and
• Deepfakes (78%).

Sources

https://www.infosecurity-magazine.com/news/compliance-cyber-challenge-uk/