UK financial organisations are facing an unprecedented number of cyber security threats, with risks higher than most other industries.
The report – ‘The state of cyber security in the UK financial industry’ – surveyed 500 UK-based cyber security strategy decision makers. Responses from the financial industry showed it is at significantly higher risk than the average UK business with more than half (58.2%) reporting between 40 and 60 cyber security incidents in the last 12 months. This is compared to a UK average of 24.
Of all the threats regularly cited it was phishing that provided the most concern with 67% of respondents highlighting it as their main worry for their organisation.
The vast majority of finance companies polled (84%) noted an increase in the premium prices for cyber insurance in the last two years. This outstrips the overall average of 72%.
What’s more, the landscape is unlikely to simplify in the near future. The pace of technological change continues to increase, and issues are exacerbated by the rise in flexible working continuing post-pandemic.
Some 51% of participants said the increased prevalence of remote working was moderately or significantly challenging. The advancing pace of technology (39%) also featured, as effects from the pandemic have complicated organisations’ ability to protect themselves from cyber threats.
iomart CEO, Reece Donovan, said: “The changes we have all experienced in the last three years have left a lasting mark on the business landscape. There are few places we are seeing that more acutely than in cyber security.
“The ‘State of Cyber Security in the UK finance industry’ report shows an ongoing increase in the number of breaches being suffered by organisations. And the results indicate that whilst there’s no one single reason for this, the finance sector is suffering more than most. However, the data in the report clearly highlights the post-pandemic changes to the way we do business as contributing factors. The barrier to entry for cyber criminals is also much lower than it ever was. Someone can set up a devastatingly effective ransomware or malware business from their bedroom, for as little as £50. This means that all organisations, irrespective of their size, are now potential targets.
“The report also shows a higher-than-expected number of breaches. It indicates that finance businesses are facing a greater volume of threats than ever before and are more at risk than almost any other industry. These threats are far more complex and difficult to defend against than we’ve ever seen before. This is largely due to threat actors looking to exploit vulnerabilities that have emerged as a result of new trends such as flexible working.
“From these figures it is clear the finance sector has become a key target for threat actors. The combination of its regulatory obligations, and its central role in business and society, have no doubt highlighted the industry as a valuable opportunity for criminals.
“The encouraging news is in the strength of the response from the finance industry. The evidence for this can be seen clearly in consistent investment and the trend towards making cyber resilience a boardroom issue.
“However, there’s no room for complacency. Continued testing and development of the cyber security response is essential, particularly given the speed at which hackers are advancing in both skill and ambition.”