“Nowhere in the world is there an overarching prudential standard for operational resilience. And advances in payment services and open banking – welcome in terms of increased competition and innovation – will pose further challenges to existing technologies. So developing our supervisory approach, setting out clearly the level of operational resilience we expect of firms and how we will make sure it is delivered, is a top priority for the PRA. We will publish our thinking later this year.”
Sam Woods, Deputy Governor for Prudential Regulation and Chief Executive Officer of the Prudential Regulation Authority
With global cybercrime costs potentially reaching £5 trillion by 2021, the financial services industry remains the main target for cyber security criminals all over the world and especially in the UK, the leading international financial centre. Figures from the Financial Conduct Authority show that reported data hacking attacks against financial services companies quadrupled in 2017. The National Cyber Security Centre recorded over 1,100 reported attacks, with 590 regarded as significant last year. Thirty of these incidents required action by government bodies, a large number of which were targeted at financial sector organisations.
Against this background, we are delighted to let you know that the 5th edition of the City & Financial Global’s Financial Services Cyber Security Summit, a premier event of its kind, will take place in London on 13th September 2018.
Over the last four years, the City authorities have regularly supported this event. This year’s conference will be opened by Lyndon Nelson, Deputy CEO & Executive Director, Regulatory Operations and Supervisory Risk Specialists, Prudential Regulation Authority
Shortly prior to the date of the conference, it is expected that the Bank of England, PRA and FCA will publish their joint discussion paper on operational resilience.
This paper will set out the supervisory authorities’ objectives for operational resilience; the potential for additional policy making; the potential for revising existing policy; and the supervisory authorities’ views on clarifying the responsibilities of firms and FMIs’ boards and senior management.
These standards, which are the PRA’s top priority, will set out the regulator’s expectations for the operational resilience that it expects of financial institutions and how it will make sure that they are delivered.
What else will be discussed?
How the government and regulators will be approaching operational resilience in 2018-2019
What impact has the new cyber security legislation made on the financial services sector so far and is the regulatory landscape likely to change in the upcoming years?
Role of the CEO in making cyber security a boardroom issue and integrating it into
the overall business strategy. How can we improve the cyber security expertise of other board members?
Moving towards best practice cybersecurity for CISOs & Heads of Operational Risk.
- Prediction, prevention, detection and response – correct allocation of time and resources
- Defining and understanding cyber risk in a modern enterprise
- Is there such a thing as a cyber risk appetite?
The risk management life-cycle for third parties.
- Are you really managing third party cyber risk? Learning from other industries
Artificial technology and cyber security.
- Understanding emerging risks in the technology space and building a solid technology risk management framework within your organisation
- Harnessing new, innovative approaches to cyber security offered by specialist FinTech firms
- Choosing appropriate models for cooperation
Moving towards creating a security culture in which people are naturally alert to security issues and act accordingly. How to change behaviour of your staff rather than simply offering staff training programmes?
The advantages and disadvantages of migrating to the cloud from a cyber security perspective
The impact of quantum computing on cryptography and cyber security: planning for the future