Cyber security is now second only to political risk as one of the key challenges facing the UK financial sector. Cyber-crime has become a big business, with the global impact exceeding $450 billion a year as crime, extortion, blackmail and fraud move online. To be effective in addressing this risk, the approach of businesses across all sectors needs to change to a community-based and comprehensive approach to disrupting the criminal ecosystem.
This demands that we understand the threat from the perspective of ruthless and rational cyber-criminal entrepreneurs, and that we work together across the financial community, key industries, law enforcement and governments to break their business models. It isn’t simply a question of increased spending for more robust security systems: financial services firms already spend three times more than non-financial organisations do on cyber security. This growing challenge demands new ways of working between government, law enforcement and the finance industry, but most critically to shift to new security models that are agile, responsive and focus on protecting customers against exploitation. No single organisation can achieve this in isolation: we must work through effective partnerships to tackle this growing threat.
This private summit will draw together senior industry executives and non-executives from across the key infrastructure firms in financial services as well as experts from across Government, law enforcement and key UK, US, and EU institutions. It will provide an opportunity to develop closer co-operation across the private sector and better collaboration and partnership between industry and Government to help tackle this growing threat.
Key questions to be considered:
- What policy and legislative changes are needed to help combat the growing threat of cybercrime and cyber-attacks?
- How can greater public private sector partnership help meet this challenge?
- Are there lessons that can be learnt from other jurisdictions?
- Are there lessons that can be learnt from recent attacks, other challengers and areas of partnership such as how the industry is working with government to counter economic crime?
- How can we build greater collaboration across the industry?
- What are the regulators’ expectations for the industry?
- How will regulators approach stress testing and thematic supervision for the industry?
- Is a risk-based approach to operational resilience the right approach?