FCA outlines its approach to cyber security

In a speech in September, the FCA outlined how they are turning their cyber sights to the broader population of firms that they regulate. (Read about the original update here.)

The regulator is conducting an assessment to find out which firms they believe pose the greatest risk to their objectives of market integrity, consumer protection and competition. The assessment does not depend on the size of the firm.

They expect to see a demonstrable security culture consisting of:
  • good governance;
  • key asset identification;
  • appropriate asset protection;
  • monitoring/detection;
  • recovery and response;
  • knowledge sharing.
They are also investigating the issues of ransomware, data storage and outsourcing, and the cyber skills gap.

The FCA will deploy a proportionate approach, ranging from communications and self-help to a more intensive supervisory approach.

If you would like to find out more information about these details, please contact us.
