Cyber attacks in UK finance sector skyrocket, finds FCA
In a recent report, The UK’s Financial Conduct Authority (FCA) noted that 819 new cases of cyber attacks in the UK finance sector were reported in 2018, a dramatic increase from only 69 cases the year before.
The statistics by FCA broke down the reports further by classifying them based on the institutions, and it appeared that apart from banks, other financial institutions reported an increase in cyber attacks as well.
Fifty-nine percent of the complaints came from the retail banking sector, while financial institutions reporting cybersecurity incidents including wholesale financial markets (14 percent), retail investment firms (6 percent), retail lending (6 percent) and insurance companies (6 percent).
Given the nature of the potentially lucrative private information handled by financial services firms, they are an obvious target for attackers.
For this reason, the industry has invested heavily in cybercrime security awareness in recent years. As a result, often the most effective entry method is via lost or compromised devices and insider threats. But that’s not to say malware and hacking don’t also play a role in security breaches.
Hackers are way ahead
According to Simon Rodway, the lead for pre-sales solution for Entersekt Ireland & UK, cybercriminals employ the latest technology and leverage extensive organizational networks and infrastructure to maximize their impact.
He also noted that cyber attacks move in waves; where attacks at a region might have appeared in another region before.
At present, cybersecurity professionals focus on present threats or those that they receive alerts to, which may be a contributor to the problem; “This means that fraudsters have a long time to exploit a vulnerability before that hole is closed globally and they have to find another.”
The cybersecurity industry is aware of these trends and they work to provide proper solutions for their end users.
However, reliance on legacy technology only hold these implementations back longer. “Cost savings and reliance on legacy security measures with known weaknesses, such as SMS OTPs, for example, can cause problems,” Rodway adds.
source techhq
Industry: Cyber Security
Latest Jobs
-
- SOC Manager. SC Clearance. Immediate opportunity.
- Unknown
- N/A
-
Permanent SOC Manager. SC cleared / clearable, London / Birmingham. SOC Manager needed to replace a SOC contractor I placed into a client who is due to complete their assignment at the end of March. The ability to achieve SC clearance is essential. Looking for someone that is a blend of strategic stakeholder engagement with strong technical skills. The role will sit in a relatively new SOC environment. The position is to setup, implementation and management of resources to help with the initial and on-going stages of a new SOC. Experience engaging with and managing client stakeholder relationships as well as 3rd party relationships is critical. The role will involve; setting up, implementing and fine tuning the various initial stages of a SOC environment. Experience establishing and building out technical process / operational capability, managing of technical teams (analysts, engineers and architects, creation of policy / playbooks, fine turning is key. SPLUNK is the tooling of choice… Interviewing immediately. Set up a call with me today on https://calendly.com/chris-holt/arranged-call-with-chris-holt-soc-manager-role Direct contact details Chris.Holt@dclsearch.com or 07884666351
-
- Security engineer. Financial Services. UK. Permanent
- Unknown
- N/A
-
CH7863 Security engineer. End User . Financial Services Security Engineer needed to monitor and manage a security suite of tools within an End User environment. The Security Engiener will be responsible monitoring, configuring, fine tuning, incident management and generally improving the security tool capability. Specific experience with CyberArk, Tripwire Log Center and Tripwire Enterprise is highly desirable). Current experience with Vulnerability management and penetration testing is highly desirable. Specifically the ability to effectively manage 3rd party pen tests. You will be working within a specialist security team reporting to the CISO. Experience working within an end user environment within financial services is highly desirable. Flexible location. This is an exclusive role to DCL Search & Selection. To book a call please use my Calendy link https://calendly.com/chris-holt/arranged-call-with-chris-holt-soc-role-
-
- DevSecOps - Security design / review consultant. SC Clearance. London
- London
- N/A
-
CH7858 London £70,000 DevSecOps - Security design / review consultant. DevSecOps - Security design / review consultant will ensure that newly created, public facing apps are secure by design and by default by aligning them to current / best practice security policies and standards into the design phases. The individual must have a technical software / application development background with specalist experinece in secure architecture design. (Frameworks, processes, best practice etc) Practical experience translating and ensuring that the OWASP top 10, ISO27001, HMG frameworks requirements are reviewed and embedded into project designs which are implemented is essential. Experience working projects through a full development lifecycle is key. You will work along side the design and project teams to idenitfy and mitigate risks throughout the design phases. This is a permanent role. SC clearance is essential as is the ability to get to the London office. (When appropiate #covid) Security DevSecOps consultant. To arrange a discreet call book via https://calendly.com/chris-holt/devsecopp--security-design-review-consultant
-
- CONTRACTOR Cyber Vulnerability Analyst, NESSUS, Rapid 7, SC clearance required.
- London
- N/A
-
Cyber Vulnerability analyst NESSUS, Rapid 7, needed for IMMEDIATE 3 month contract MUST have / be able to achieve UK SC clearance role to work within a live environment within a public sector department. The individual must have experience in using various security methods and tools such as Rapid7 and NESSUS scan for / identify vulnerabilities, prioritise them according to risk and raise appropriate tickets for remediation / follow up. In depth experience utilising Nessus highly beneficial. Current cyber public sector experience highly desirable.