On Monday, 11 February, Greg Clark, Financial Secretary to the UK Treasury, announced in the House of Commons that the Financial Services Authority (“FSA”) will head up a new government benchmarking scheme regarding cybersecurity for the UK financial services sector.
The financial sector has come under increased scrutiny in recent months, with the European Central Bank recommending that banks, credit card companies and other payment service providers be required to put in place multiple layers of security to make it harder for hackers to infiltrate internet payment systems.
The FSA review will cover 30 major financial institutions and include input from the Treasury, the Bank of England and other government departments and agencies to assess cybersecurity practices, and will culminate in an updated Business Continuity Management Practice Guide and discussion paper.
The aim of the review is to ensure a greater awareness of cyber risks and promote cybersecurity in the finance sector, and it should help promote better security aimed at preventing cyber threats. The review will also seek to include information on correction techniques by detailing effective business continuity models for organisations.
This new scheme underscores the attention cybersecurity is getting within Europe, and the Guide is likely to complement or even inform the security measures anticipated by the European Commission’s draft Directive on Network and Information Security (“NIS”) (see our blog on the NIS Directive). That draft Directive would require banks, stock exchanges and organisations from a range of other sectors to adhere to a set of common, minimum information security standards, and would impose an obligation to notify national regulators of cases where they experience significant cyber breaches.