FCA shares insights from the 2020 Cyber Coordination Group

The FCA has published a summary of some of the main insights gained from the quarterly meetings of its Cyber Coordination Groups (CCGs) over the past year.

Recognising that cyber threats and their associated harms represent a complex and evolving challenge for the sector, the FCA has been bringing financial services firms together since 2017 to collaborate in groups on cyber security and operational resilience issues.

The CCGs help firms share knowledge and best practice. During 2020, the FCA convened 157 firms across seven CCGs, dedicated variously to: Insurance, Investment Management, Fund Management, Retail Banking and Payments Firms, Retail Investments and Lending, Brokers/Principal Trading Firms, and Trading Venues/Benchmark Administration Firms.

CCG member firms have encountered a wide range of challenges over the past year, including ransomware attacks, denials of service, cloud security issues, insider threats, and problems around supply chain oversight and security. Emerging issues in the world of cyber-security, identified by CCG firms included Zero Trust Security models and Artificial Intelligence.

There was general agreement that the recent shift to increased remote working has put additional strain on cyber-security systems and teams, requiring firms to re-evaluate and recalibrate their cyber risks and controls. Increased working away from company premises has also exacerbated the challenges posed by ransomware, supply chain security, and insider threats.

Participants identified fourth-party supply chain and Cloud Service Provider (CSP) risks as significant challenges, and shared a range of potential mitigation strategies. Shared assurance models were singled out as promising potential improvements in how firms assess supply chain risk.

You can read the full 4000-word report on the FCA website by clicking here.

For further details on this story, or any other compliance-related topic, contact our expert team on 01925 767888, or email helpline@ukgigroup.com.

 

UKGI is a trading style of UKGI Limited and UKGI Services Limited which are wholly owned subsidiaries within UKGI Group Ltd. UKGI Limited acts in compliance services and UKGI Services Limited acts in support services. UKGI Services Limited is a wholly owned subsidiary of Total Broker Solutions Limited, which is an appointed representative of Resolution Compliance Limited, which is authorised and regulated by the Financial Conduct Authority (FCA) under reference number 421154. UKGI Limited Registered in England No. 03544014. UKGI Services Limited registered in England No. 04953835. All Registered Offices Number 22 Mount Ephraim, Tunbridge Wells, England TN4 8AS. VAT registration number 347 2664 82.