Chris Greany’s article delves a lot deeper into this subject than I could ever go but the more we talk about such issues within intermediary circles, the better chance we have of combatting them.
It is a theme never too far from the headlines, and one recently highlighted in Financial Conduct Authority (FCA) warnings over the increasing threat of technology outages and cyber-attacks to financial service firms.
FCA research outlined that in the year to October, firms reported a 138% increase in technology outages to the regulator, alongside an 18% increase in cyber incidents.
And the problem was cited as being potentially worse, with businesses thought likely to under-report such events.
The research also found that a third of firms do not perform regular cyber assessments and nearly half of businesses do not upgrade or retire old IT systems in time.
Only the largest firms were suggested to have automated their detection systems to spot potential cyber-attacks.
In addition, just 66% of large firms, and 59% of smaller firms, were reported to understand the response and recovery plans of third parties brought in to handle IT changes.
Tips to get started
When talking to intermediary firms, this is an area which has formed a far more regular topic of conversation, especially when it comes to areas such as Open Banking.
SME’s are often fascinated how large UK corporates such as Barclays combats a variety of cyber threats.
While I wish I could be more helpful in explaining the process, it’s a real positive that this area is being considered and discussed with greater frequency by firms of all shapes and sizes.
So, what can SME’s operating within the intermediary marketplace do to combat such threats?
- Do your own research – maybe you, or someone in your office has or can develop, the IT skills to offer some form of additional protection?
- Speak to your peers – this could be colleagues, friends or competitors. Find out how they or their company deal with a variety of cyber threats,
- Ask your network or a mortgage club if they have any recognised support or affiliations in place
- Seek professional advice – and try to speak to more than one party about relevant solutions for your business,
- And finally, the most important one of all. Don’t ignore it – you deal with lots of sensitive data, this really is an issue you can ill-afford to ignore.
Board level understanding
I am far from an expert in this field, but what I do know is that there needs to be enough understanding of risk and technology at management and board level.
Although this can be a daunting task for many SMEs, the correct level of cost-effective protection is out there.
And you don’t always need to be an expert to find it.
