The UK’s Investment Association has set up a cybersecurity committee to assist the asset management sector.
The Cyber Security Committee, which met for the first time last month, will work with firms, regulators and public authorities to develop cyber security industry guidance. In a report written with KPMG, the association calls on boards and senior management at asset management firms to increase collaboration and to invest in developing a cyber-response framework.
Through the committee, it wants to allow companies to rapidly detect, respond and recover from potential attacks. IA and KPMG recently launched a report, dubbed ‘Building Cyber Resilience in Asset Management’. It focuses on the the key cyber security risks facing the asset management industry and providing practical steps that organisations can take to build a cyber resilient business.
Chris Cummings, chief executive of the Investment Association said: “The asset management sector is prioritising cyber defence, mitigation and resilience to develop a corporate culture that embraces cyber security at its heart. Technology is transforming our industry at a speed and scale never seen before, with criminals also becoming more creative in how they attack financial systems.
“Cyber security issues are not going away and businesses need to understand, manage and mitigate potential cyber security risks. It is testimony to the importance of asset management firms in the City that the City of London Police selected our industry event to launch Cyber Griffin. We will continue to support the industry as it adapts to counter the ever growing threats from cyber security.”
The city of London Police are also launching Cyber Griffin, a new initiative to make the Square Mile more secure from cyberattacks. Cyber Griffin will see specially-trained officers lead a series of community focused exercises which will include threat briefings, intelligence sharing and incident response training.
The ‘Building Cyber Resilience in Asset Management’ report stresses the importance of collaborating, sharing and utilising the insights and experiences of others as a means of reducing systemic threats across the entire asset management industry.
Matthew Martindale, partner and Investment Management Cyber Security lead, KPMG UK, added: “The challenge is a big one and it won’t have an end point but there are some practical steps that can be taken to make quick and effective progress. Firstly, firms can appoint a single point of contact on the board who takes ownership of cyber security.
“Beyond that, staff need to be educated; ask yourself whether your staff at all levels know how to identify and react to a phishing email? The adage that an organisation is only as good as its people is especially true with cyber security where the actions of one individual can have enormous ramifications.”
Copyright © 2018 RegTech Analyst
Copyright © 2018 RegTech Analyst
