The following article was a joint collaboration between Aon’s Cyber Solutions and Fladgate LLP, an international law firm. This alert explores the FCA’s “Cyber Coordination Groups (CCG) Insights” published on the 11th of March, 2020 and the impact that COVID-19 has already had on the threat landscape since its release. Aon explores how the previously outlined cyber risks have evolved and key considerations to help FCA regulated firms stay secure, while Fladgate discusses the Legal and Privacy Implications.
Latest Insights from the FCA’s Cyber Coordination Groups
The UK’s financial services regulator, the FCA, recently published its further insights emerging from discussions held across the seven Cyber Coordination Groups (CCGs) spanning the financial services sector: Insurance, Fund Management, Investment Management, Retail Banking, Retail Investments and Lending, Brokers and Principal Trading firms, and Trading Venues and Benchmark Administrators. Set up in 2017, the CCGs meet each quarter and allow firms to share knowledge of their common experiences and discuss best practices in their approach to cyber security in order to reduce potential harm to consumers and markets. The conversations held at the CCGs, which often include potential ways to solve common problems, will be of interest to the wider financial industry sector and to other sectors as well.
As might be expected, much of the discussion related to the current threat landscape (primarily risks arising from supply chain, social engineering, ransomware, malicious insider, and credential stuffing (where credentials obtained from breaches of other services are used to access accounts)), and to emerging and futures trends, in particular new technology, developing solutions and user requirements, and other factors which may influence and challenge the security response, including development and security in operations (DevSecOps), cloud security and payment systems security.
