On 19 December 2023, the Financial Conduct Authority (FCA), the Bank of England (BoE) and the Prudential Regulation Authority (PRA) published the latest annual CBEST thematic report.
CBEST tests the cyber resilience of firms and financial market infrastructures (FMIs) through live testing that mimics the actions of cyber attackers. The report, which contains cyber resilience good practice and insight including from the National Cyber Security Centre, is being published in full for the first time. It highlights the importance of building strong cyber hygiene and the need for firms to simulate a range of cyber testing scenarios to remain resilient to threats.
The FCA, BoE and PRA highlight that cyber resilience is a top priority for them as disruptions from cyber attacks can impact financial stability, cause intolerable harm to consumers or other market participants, or disrupt market confidence.
They ask firms and FMIs to read the CBEST thematic and consider embedding the findings into their cyber strategies.