Compliance firm expands cybersecurity service in wake of ESA advice
A global financial compliance firm is expanding its cybersecurity service targeted towards the financial services sector, following new advice from the European Supervisory Authorities.
Lawson Conner wants to encourage financial services firms to treat cybersecurity as a compliance issue, and it offers cyber risk management, tailored towards the financial sector, as one of its services.
Last week ESAs called for an appropriate oversight framework to monitor the activities of critical third-party service providers and streamlining of the incident reporting frameworks across the financial sector. The advice also urged financial services firms to focus on cyber resilience, and proposed an EU-wide, voluntary coherent testing framework that focuses on Threat lead penetration testing.
Lawson Conner’s service, Lawson Conner Guardian has been developed in response to the increasing threats that financial services firms face, and the likelihood that cyber security for the financial sector will become more of a regulatory issue.
It includes managed prevention, detection and response, analytics, threat intelligence and incident response, all geared towards the cyber threats that are most likely to compromise financial services firms.
It is a cost-effective and comprehensive endpoint security platform, which secures a firm’s information assets and continuously monitors threats and anomalous activities.
Joe Woodbury, Director at Lawson Conner, says: “Technology has progressed exceptionally quickly in recent years, and most new innovations have been immensely beneficial for the financial services sector. What we are seeing though is that many firms have implemented new technologies without adequately mitigating risk and have created a kind of ‘cyber monster’. Lawson Conner Guardian can mitigate those risks and detect and tackle cyber threats and attacks.”
The ESAs advice follows an FCA report at the end of last year, which found that there had been five times more cyber attacks within financial services firms in 2018 than there were in 2017. In its report, “Cyber and Technology Resilience in Financial Services Firms”, the FCA highlights governance as a particular issue, stating that some firms were over-confident in their ability to manage technological change. It also highlights its intention to consider key areas of focus uncovered in the report and include them in its 2019 Supervisory plans, suggesting tighter regulation on cyber management is on its way.
Woodbury says: “Given the FCA findings and ESAs advice, it is very likely that there will be a tighter regulatory framework introduced to govern how firms manage cyber-risk. We urge financial services firms to treat cyber as a serious compliance issue, in the same vein as AML and KYC. Reputational and financial consequences for failing to mitigate cyber threats can be huge – for example Tesco bank was fined GBP16.4 million pound after it fell victim to a cyber attack in 2016, and penalties are only likely to become more severe.”
Lawson Conner Guardian has been developed to specifically respond to some of the cyber threats most likely to affect the financial services sector such as attacks on apps and data theft and breaches. It is particularly useful for smaller and mid-size fund managers and financial services firms who do not have the budgets to afford full-time, dedicated IT risk specialists.