Cybersecurity breaches triple for financial services firms
The number of cybersecurity breaches for UK financial services firms have tripled from the years 2021-2022 and 2022-2023, with the highest number of breaches being reported within the pensions sector.
A report from the international law firm RPC highlighted that the number of breaches reported to the Information Commissioners Office (ICO) has increased from 187 to 640, with reports within the pensions sector increasing significantly from six to 246.
Achi Lewis, area VP EMEA for Absolute Software, commented: “For many sectors now, it is no longer a question of “if”, but “when” an attack will occur. The financial sector is a crucial element within our global economy, handling vast amounts of sensitive data and financial transactions daily, making it a prime target for bad actors.
As such, cyber resiliency has never been more pressing. This means not only having robust preventive measures in place, but also a proactive response mechanism that can swiftly adapt and recover in the face of an attack.
Self-healing technology can empower financial institutions to automatically detect and repair damaged applications and devices, effectively preventing re-infection and reducing downtime.”
According to Absolute’s Resilience Index 2023, the financial services sector’s Windows 10 patch age was a total of 118 days, higher than the professional services sector.
“It’s a cause for concern that so many financial services firms, especially pension schemes, have suffered some form of cyber-attack, resulting in a data breach,”
Richard Breavington, partner and head of cyber and tech insurance at RPC, said. While hackers target pension schemes because of large amounts of “valuable, sensitive, and financial data,” Breavington said “cyber security is fundamental to pension scheme trustees’ legal duties”.
He said this is because trustees can be liable for failure in managing cyber risk “appropriately”.