Financial services firms understand there are various criminal threats out there, and over the course of history have developed new ways of defending their businesses and the customers that place trust in them.

In the early days, banks relied on huge, steel-lined vaults to protect assets. In more recent decades, alarm systems and sophisticated theft deterrents have added layers of physical security.

However, today they face a greater threat: one that's genuinely global in its nature and continues to grow and adapt with unprecedented speed.

This threat doesn't burst through doors, armed, to demand cash from tellers. On the contrary, this threat can strike from anywhere, hack into critical systems or sneak in due to ineffective internal oversight. This threat is largely invisible and often does significant damage before being detected.

We?re talking, of course, about the threat of cyberattacks.

The cyber threat landscape is a broad church. It contains organised criminals, ?lone wolves?, disgruntled employees and even nation-state-sponsored actors. Firms need to be ready to defend against the threats that all of these pose, if they are to retain the confidence of their customers and regulators.

Fortunately for criminals, not all boards across the UK are as prepared for cyber incidents as they could be. Board members might be comfortable with handling commercial strategy and operations but when it comes to cyber, too many still feel ?in the dark?.

The language of this world is often jargonistic for one thing, and many boards do not have dedicated cyber specialists at the table. As a consequence, some businesses are failing to make the right investments in the right place and therefore they are also failing to evolve at pace with the threats. 

Huntswood and Gadhia Consultants recently co-published a paper specifically for those boards struggling to adapt to the changing landscape. With the understanding that cyber incidents are more of a ?when not if? matter, this new paper highlights the need for increased cyber awareness among senior managers.

The paper guides boards through some critical questions, including:

·         How do we know that we have the most appropriate security in place?

·         How should we communicate the news of a cyber security breach and to who?

·         Do we have continuity plans in place in the event of a cyber incident?

Cyberattacks are becoming an increasingly common issue within financial services, but we cannot let them become just a ?fact of life?. Businesses must be prepared, they must evolve, and they must protect the customers that rely on them.