The Bank of England has warned UK financial firms they are not taking the threat of cyber attack seriously enough.
Minutes from the latest Financial Policy Committee meeting, published yesterday, revealed that major financial firms have submitted self-assessments on cyber resilience to regulators.
The FPC notes did not reveal the tests did not expose any “critical” shortcomings.
But the minutes say: “Regulators had noted some areas for improvement including a tendency among firms to view cyber threats as a technical problem, rather than an issue which merits board-level attention given the evolving nature of cyber threats and the key importance of cyber resilience to continuity of financial services.”
The Bank and several “core” financial firms have held talks about a voluntary test known as CBEST that would involve hiring hackers to test firms’ ability to withstand a cyber attack.
The FPC has also recommended other major banks and financial institutions take the test.
In June, a Money Marketing investigation revealed the weaknesses in some financial platforms’ systems, which expose them to the risk of cyber security attacks. Data from the Investment Management Association in May showed the amount of money lost by clients through platform fraud more than trebled last year with a record £1.8m taken.
In October, more than 83 million clients at JP Morgan Chase had their details stolen by cyber-criminals.