Cyber security & third party risk

Cyber including FSCCC

Our focus in cyber security is to prevent and mitigate the impact of large scale cyber-attacks on the sector. We hold regular discussions with the PRA to ensure that the CBEST threat intelligence framework aligns with our members interests, and we are also actively engaged with government on the issue of ransomware. To enhance the cyber resilience of our members we have built on our relationship with the National Cyber Security Centre (NCSC) to operationalise the Financial Sector Cyber Collaboration Centre (FSCCC) that brings together a network of industry participants and partners to identify and manage the potential impact of systemic or sector wide cybersecurity threats as well as enabling a coordinated response during an incident. 

Third Party Risk including Cloud 

The growing need for better resilience in the Financial Sector across the third party and cloud space has been seen in the rapidly changing technology and threat landscape. Our focus is to support members in their response to present and upcoming regulatory expectations across their third party supplier environment including cloud service provider relationships. Working closely with the regulators, critical third party suppliers including cloud service providers, we advocate on behalf of our members on key third party policies while providing members the opportunity to come together to define industry agreed policy and operational responses to said regulatory expectations.