Cyber resilience good practice for firms

The FCA, Bank of England (the Bank) and Prudential Regulation Authority (PRA) have published the latest annual CBEST thematic report.

CBEST tests the cyber resilience of firms and financial market infrastructures (FMIs) through live testing that mimics the actions of cyber attackers.

The report, which contains cyber resilience good practice and insight including from the National Cyber Security Centre (NCSC), is being published in full for the first time. It highlights the importance to build strong cyber hygiene and the need for firms to simulate a range of cyber testing scenarios to remain resilient to threats.

Cyber resilience is a top priority for us, the Bank and PRA. Disruptions from cyber-attacks can impact financial stability, cause intolerable harm to consumers or other market participants, or disrupt market confidence.

Firms and FMIs should read the CBEST thematic and consider embedding the findings into their cyber strategies.