On May 6, 2020, the Financial Conduct Authority (FCA) updated its COVID-19 information with its expectations around information security. Read the latest guidance here.
The FCA notes that cyber criminals are exploiting coronavirus related themes during the pandemic to carry out scams. Cyber incidents can cause operational disruptions causing harm to consumers and the integrity of UK markets, as well as threaten firms’ viability and cause instability in the financial system.
Firms have had to adapt to the exceptional circumstances caused by the pandemic. The large number of employees working from home has resulted in online systems becoming increasingly mission critical and consequently exploited by cyber criminals.
The FCA expects firms to prioritize information security and ensure that controls are in place to manage cyber risks and respond to incidents promptly. Firms should:
- Enhance monitoring to protect end points, information and critical processes (including network connections and video conferencing software)
- Be vigilant to the potential increase in security breaches or cyber attacks
- Ensure that they have appropriate governance and oversight arrangements
- Review the impact of COVID-19 on their information systems security defences
- Ensure that the general notification requirements are followed, and significant operational/cyber incidents are reported.
Compliance and Regulatory Consulting
Local and global compliance expertise for the financial services industry.
Regionally targeted assistance for asset managers in compliance program development, implementation and maintenance
Comprehensive compliance and regulatory support for EU firms.
Kroll Cyber Risk
Kroll's award-winning cyber experts can help clients in every step of the way toward cyber resilience.