The FCA has published a new web page on cyber resilience containing relevant materials.

Among other things the FCA reminds firms that under Principle 11 they must report material cyber incidents. A firm may consider an incident material if it:

  • results in significant loss of data, or the availability or control of IT systems;
  • impacts a large number of victims; or
  • results in unauthorised access to, or malicious software present on, information and communication systems.

View Cyber resilience, 18 May 2018