Articles Marketmedia

Investment Association Launches Cyber Security Committee

Written by Shanny Basar | May 1, 2018 1:25:30 PM

The Investment Association (IA) today hosts its first Cyber Security Conference for Asset Management. With more cyber-attacks launched on UK businesses than ever before, the IA’s conference brings together key experts from law enforcement and government agencies to advance the industry’s ability to identify and respond to cyber threats.

At the conference, the IA and KPMG are launching a report, ‘Building Cyber Resilience in Asset Management’, on the key cyber security risks facing the asset management industry and providing practical steps that organisations can take to build a cyber resilient business.

In particular, the report calls on Boards and senior management at asset management firms to increase collaboration across the industry and invest in developing a cyber response framework allowing firms to rapidly detect, respond and recover from potential attacks.

To assist asset management firms, the IA has launched a Cyber Security Committee. The Committee, which met for the first time last month, will work with firms, regulators and public authorities to ensure the industry is leading edge and to develop cyber security industry guidance.

Also at the IA conference, the City of London Police are launching Cyber Griffin, a new initiative to make the Square Mile more secure from cyber attacks. Cyber Griffin will see specially-trained officers lead a series of community focused exercises which will include threat briefings, intelligence sharing and incident response training. This initiative echoes a key finding of the ‘Building Cyber Resilience in Asset Management’ report which stresses the importance of collaborating, sharing and utilising the insights and experiences of others as a means of reducing systemic threats across the entire asset management industry.

Chris Cummings, Chief Executive of the Investment Association said:

"The asset management sector is prioritising cyber defence, mitigation and resilience to develop a corporate culture that embraces cyber security at its heart. Technology is transforming our industry at a speed and scale never seen before, with criminals also becoming more creative in how they attack financial systems.

“Cyber security issues are not going away and businesses need to understand, manage and mitigate potential cyber security risks. It is testimony to the importance of asset management firms in the City that the City of London Police selected our industry event to launch Cyber Griffin. We will continue to support the industry as it adapts to counter the ever growing threats from cyber security.”

Matthew Martindale, Partner and Investment Management Cyber Security lead, KPMG UK:

“Asset managers exist to protect clients’ assets and that no longer means just making a return. Protecting client’s money and data in a digital world is a challenge - more tech means more cyber-crime - and the consequences of getting it wrong will be severe.

“The challenge is a big one and it won’t have an end point but there are some practical steps that can be taken to make quick and effective progress. Firstly, firms can appoint a single point of contact on the board who takes ownership of cyber security. Beyond that, staff need to be educated; ask yourself whether your staff at all levels know how to identify and react to a phishing email? The adage that an organisation is only as good as its people is especially true with cyber security where the actions of one individual can have enormous ramifications.”

Sergeant Charlie Morrison who will lead the Cyber Griffin delivery team said:

“Although cyber criminality challenges traditional policing as we know it, we are now more capable than ever to tackle the problem. However, it’s imperative we work with our local community to do this, especially in such a unique area as the City of London which is full of businesses who have the potential to be the target for a cyber-attack.

“Cyber criminals specialise in looking for the weak spots in our security. Cyber Griffin therefore is about basics done well. Through briefings, incident response drills and expert guidance, the aim is to get the fundamentals right every time.

“In this case the best offence is a good defence.”

Source: Investment Association