You can use the search function to find a range of UK Finance material, from consultation responses to thought leadership to blogs, or to find content on a range of topics from Capital Markets & Wholesale to Payments & Innovation.
Many firms have breathed a collective sigh of relief following the compliance deadline for the Operational Resilience Policy in March 2025. Despite that, one of the most troublesome scenarios that firms continue to grapple with is ransomware. These scenarios are not all born equal, and depending on the maturity of a firm’s testing, there will be many variations that have been tested across the industry.
How severe should these scenarios be?
Is there a ransomware scale that firms could use to measure their resilience, accounting for containment, response and recovery capability?
Are there severity and plausibility metrics which would help firms compare ransomware scenarios internally within their own firm?
Could a similar set of metrics help both firms and the regulator benchmark resilience to ransomware across the broader industry?
For firms brave enough to test ransomware scenarios that impacted most of their technology estate, how should they go about planning to rebuild their IBS and broader firm? How do they ensure they prioritise their remediation to achieve the highest possible Return on Investment (ROI)? How do they ensure that their investment is addressing both their existing threats, whilst future-proofing them against emerging ones? How should they seek to report their increased resilience their most severe but plausible scenarios, as they remediate vulnerabilities?
Managing Director, Beyond Blue
David is an award-winning UK and international national cyber security expert and the Managing Director of Beyond Blue, with over 30 years of cyber an...
David is an award-winning UK and international national cyber security expert and the Managing Director of Beyond Blue, with over 30 years of cyber and information security expertise. David has held senior roles as the Head of Cyber and Space for the Ministry of Defence, KPMG’s Global Head of Cyber Future and the chair of the Scottish National Cyber Resilience Advisory Board guiding the implementation of the country’s cyber resilience strategy.
In recognition of his service to national security following 9/11 he was awarded an OBE, he was named Personality of the Year at the Cyber Security Awards in 2018, European Business Continuity Consultant of the Year in 2022, and Scottish Cyber Leader of the Year in 2025.
David's extensive expertise and leadership continue to shape the UK's approach to cyber resilience and security.
Beyond Blue partners with clients to tackle their most complex cyber and resilience challenges.Beyond Blue was formed by MD David Ferbrache OBE and Ch...
Beyond Blue partners with clients to tackle their most complex cyber and resilience challenges.
Beyond Blue was formed by MD David Ferbrache OBE and Chairman Paul Taylor CBE, each having over 30 years’ experience in cyber security and resilience.
We are an award-winning boutique consultancy who specialise in helping our clients tackle their most difficult cyber and resilience challenges and seek to equip organisations with pragmatic toolkits to prepare for, respond to, and navigate through this landscape.
Our team has broad and diverse experience in cyber security, technical architecture, crisis management, cyber investigations and Operational Resilience, from both private and public sector backgrounds.
We work across a variety of industries, including financial services, government and national security in the UK, Ireland, Middle East and Asia.
The team engages at all levels but specialises in assisting and advising boards and senior management, with first-hand experience dealing with the unique challenges cyber and resilience pose for leadership while helping clients embrace the opportunities offered by emerging technology.
By downloading this document, you understand and agree that any sharing, distribution or republishing of the content, without prior written authorisation from the author or content managers at UK Finance, shall be constituted as a breach of the UK Finance website terms of use.
