The FCA has published a speech by Robin Jones, Head of Technology, Resilience and Cyber at the FCA entitled, Building cyber resilience, which was delivered at the PIMFA Financial Crime Conference in London.

In his speech, Mr Jones states that in the digital world, the FCA cares about cyber-resilience. Its vision is that firms can protect themselves from many cyber-attacks, identify cyber threats and vulnerabilities. However, the FCA knows that cyber-attacks will happen. Therefore, firms should be able to detect cyber-attacks that are successful and know how to respond to and recover from them – to contain any disruption, restore lost service or protect vital data quickly.

Mr Jones also notes that cyber-resilience is not just about technology, people can often be the weakest link. Staff awareness is a vital element of cyber-resilience. It is also critical that senior management understand what a cyber-attack could do to their business and how to respond and recover from it. It is important that cyber-resilience moves from the technology department to the board room. It needs to be understood as a significant risk to the operation of a business, its consumers and wider markets.

View FCA speech on building cyber resilience, 25 January 2018

View Cyber-security – not just an IT issue but a regulatory one too, July 2017