Each year, the UK financial regulators from the Bank of England, Prudential Regulation Authority, and Financial Conduct Authority provide their thematic analysis of recent CBEST findings so that firms and financial market infrastructures can better assess their cyber risks and ensure they have adequate resilience capabilities to prepare for, and respond to, cyber incidents that could cause operational disruption and impact financial stability.
CBEST is a threat-led penetration testing assessment framework, that enables firms and Financial Market Infrastructures (FMIs) to identify, understand and remediate vulnerabilities in their cyber resilience.
Findings from the Threat Intelligence Maturity Assessment (TIMA), part of CBEST, showed that firms and FMIs displayed weaknesses in their threat intelligence operations. This was particularly around the integration of threat Intelligence with business lines and increasing the situational awareness in firms and FMIs.
Areas for firms/FMIs to focus on are:
- cyber security risks to assets and individuals;
- cyber risk management and impact-based approaches to the protection of key resources (people, process, technology, and data);
- detection and response capabilities leveraging the latest threat intelligence; and
- cyber incident response to eradicate threats and mitigate impacts.
To further enhance the sector’s cyber resilience capabilities, the regulators intend to start consulting in the second half of 2025 on expectations around the management of Information and Communication Technology (ICT) and cyber resilience risks. This includes risks arising from IT transformations, and the sector’s ability to detect, withstand and recover from disruptions in the event of ICT and cyber incidents. This strategic work will help the sector achieve higher standards of operational and cyber resilience.