Introduction
In 2024 [1] [3], the number of cyber-attacks reported by large [3], regulated financial institutions to the UK’s Financial Conduct Authority (FCA) has significantly decreased [3]. This reduction is attributed to enhanced regulations and increased vigilance within the financial sector.
Description
The number of cyber-attacks reported by large [3], regulated financial institutions to the UK’s Financial Conduct Authority (FCA) has decreased by 53% in 2024 compared to the previous year [3]. From January 1 to October 21, 2024 [2] [3], the FCA received 101 incident notifications from regulated firms [3], marking a significant reduction from the total incidents reported in 2023 [3]. Incidents related to cyber-attacks against third-party providers have fallen by 37% [2] [3], while data breaches associated with cyber incidents have decreased by 29% [1] [2] [3].
This decline is attributed to the FCA’s enhanced regulations surrounding operational resilience [1] [2], which require firms to establish impact tolerances [2], conduct vulnerability testing [2] [3], perform crisis simulation exercises [2] [3], and develop comprehensive communication plans aimed at protecting critical data. Furthermore, the FCA is mandating additional financial investments for compliance by March 31, 2025, in response to the financial sector’s increasing reliance on critical third parties [2].
Despite the promising reduction in reported incidents, experts emphasize the importance of ongoing vigilance, as cyber-attacks now account for nearly one-fifth of global financial losses [2], totaling $12 billion over the past 20 years [2], with $2.5 billion lost between 2020 and 2024 [2]. Financial firms must continuously enhance their security measures to counter evolving cyber threats [3], particularly in the context of a persistent global threat landscape [1].
Conclusion
The significant reduction in reported cyber-attacks in 2024 highlights the effectiveness of the FCA’s enhanced regulations and the financial sector’s commitment to operational resilience. However, the persistent threat of cyber-attacks necessitates ongoing vigilance and continuous improvement of security measures. As the financial sector increasingly relies on third-party providers [2], further investments and strategic planning are essential to safeguard against evolving cyber threats and mitigate potential financial losses.
References
[1] https://www.digit.fyi/financial-cyber-attacks-dropped-by-50-in-2024/
[2] https://www.itpro.com/security/uk-banks-weathered-the-storm-of-cyber-threats-in-2024-heres-why
[3] https://www.infosecurity-magazine.com/news/drop-cyberattack-reports-financial/
