The Intermediary –- June 2026 - Flipbook - Page 41
growing recognition that cybersecurity can no
Cyber security
longer be viewed as a specialist IT concern.
He says: "On awareness, we are seeing genuine
improvement. We feel there is a growing
recognition that cyber risk sits alongside
In Numbers
professional indemnity as a fundamental
operational concern rather than something for
the IT team to worry about."
That growing awareness is important, as many
of the most effective protections against cyber
70 %
of financial services
IT decision-
makers believe growth is being
risk remain relatively straightforward.
According to recent guidance from UK
constrained by data security and
Finance, some of the most effective ways for
smaller firms to reduce cyber risk include using
strong and unique passwords, enabling multi-
regulatory challenges.
factor authentication, installing software updates
promptly, independently verifying requests to
44%
change payment details and providing regular
cyber awareness training for staff.
While such steps may lack the excitement
of organisations
have experienced
a data breach or unauthorised
of cutting-edge technology, they continue to
form the backbone of effective cyber defence.
access incident.
The challenge, for firms both big and small, is
ensuring these fundamentals are consistently
applied across the business.
50 %
Beyond compliance
While cybersecurity is often discussed through
a technical lens, its implications increasingly
are confident in
their organisation's
compliance with regulations.
extend into more holistic themes of customer
outcomes and regulatory responsibility.
The introduction of Consumer Duty has
without doubt accelerated this shift, prompting
firms to think more carefully about how
operational resilience intersects with customer
33 %
feel fully prepared to
meet the requirements
of The Digital Operational
protection.
According to Andrew Gething, managing
director at MorganAsh: "Cybersecurity has always
Resilience Act (DORA).
been seen as a technical issue, but for financial
services firms, it is now much broader than
that. It has become a clear governance issue,
particularly with Consumer Duty in full force
and with the fresh emphasis it has placed on the
responsibility of firms to avoid foreseeable harm
and ensure good customer outcomes."
52 %
cite the cost of
implementing
robust security measures as a
major obstacle.
This is particularly significant when
considering vulnerable customers. Fraudsters
frequently exploit consumers' confusion
and emotional responses, tactics that can
39 %
disproportionately affect those already dealing
with challenging circumstances.
Gething notes: "Fraudsters are becoming
say data security
concerns are
preventing collaboration with
increasingly sophisticated – using phishing
techniques, impersonation scams and now
external organisations.
AI-enabled deepfakes to exploit trust and
manipulate individuals.
"Someone dealing with a bereavement, financial
stress, poor health or lower digital confidence
p
Source: Optalysys, ‘Securing the Future: Data
Security and Governance in Financial Services’
