Return to search

More than one ‘significant’ UK cyberattack each day in 2017

Of the 1,100-plus incidents reported to the UK’s National Cyber Security Centre last year, over half were classed as significant.

There were 590 significant cybersecurity incidents reported to the UK’s National Cyber Security Centre in 2017, and more than 1,100 in total, according to data from audit firm RSM.

The centre, which became operational in October 2016, aims to reduce UK cybersecurity risk and provide incident response.

A further 69 attacks were reported to the Financial Conduct Authority during the year, an 80 percent increase from 38 in 2016 and 24 in 2015.

Regulated financial services businesses, including private fund managers, have to report cyber incidents to the FCA if they lead to a significant loss of data, or the availability or control of IT systems, affect a large number of customers, or result in unauthorized access to, or malicious software present on, the company’s information and communications systems.

The FCA, which recently carried out cybersecurity assessments across the sectors it regulates, said improvements are needed to ensure firms have better basic hygiene, are better able to identify their critical assets including data, and are better able to detect hacks.

“There also needs to be a focus on security culture among all staff, including training and awareness, and raising understanding at a board level,” the FCA’s head of technology, resilience and cyber, Robin Jones, said.

The regulator recently launched cyber co-ordination groups, with firms participating on a quarterly basis, and sharing best practice response.

It has also, alongside other regulators, contributed to the Financial Sector Incident Response Guide, which advises firms where they can seek help, what their reporting responsibilities are, and how to properly respond to a cyber incident.