PIMFA
Microsites
> Advisers’ Sustainability Group
> PIMFA Wealthtech
> Talent, Inclusion, Diversity & Equity
> Under 40 Leadership Committee

Cyber
security

Cyber Security

Cyber Security refers to the practices, technologies, and measures required to protect sensitive financial information, systems, and infrastructure from unauthorised access, disclosure, alteration, or destruction. It involves safeguarding firms and individuals against cyber threats such as hacking, data breaches, malware, phishing attacks, and other forms of cybercrime.

  • CYBER SECURITY WORKING GROUP

The PIMFA Cyber Security Working Group shares intelligence, explores a wide range of issues impacting our sector, and develops best practices and guidance.

Previous work includes:

  • Cyber Security Framework mapping
  • Artificial Intelligence (AI) potential impacts on cyber Security
  • Cyber Security when travelling and working from home
  • Reviews of case studies and learnings
  • Cyber Security strategies and culture

If you are interested in joining this member only group, please contact Kevin Sloane.

View the Cyber Security Working Group

Cyber Incident Good Practice

This guide outlines possible cyber incident scenarios and how to deal with them.

Cyber Security Matters

This guide in collaboration with Mitigo outlines why cyber security should be top of your risk register

Cyber Resilience in Extraordinary Times

This guide outlines how your firm can be cyber resilient.

Cyber Attacks Trends and Reporting

This guide outlines cyber attack trends and how to report them.

Kevin SLOANE
SENIOR Policy ADVISER

Click to expand.

Maria Fritzsche
SENIOR Policy ADVISER

Click to expand.

latest news

HM Treasury G7 Fundamental Elements of Collective Cyber Incident Response and Recovery

HM Treasury has published a document setting out the G7 fundamental elements of collective cyber incident response and recovery in the financial sector.

The fundamental elements are non-binding, high-level principles that may guide the establishment and refinement of collective cyber incident response and recovery arrangements in the financial sector and more widely.

Read more details here.

Regulators highlight Cyber Resilience Practices

The Bank of England (BoE), FCA and Prudential Regulation Authority (PRA) have jointly published observations on effective practices for cyber response and recovery. While drawn largely from large firms, the regulators emphasised that the principles apply across the wider financial sector.

They highlighted the importance of planning for severe cyber disruptions, testing crisis communication channels, and strengthening recovery measures such as restoring data from immutable back‑ups and switching to alternative sites. Firms are also encouraged to assess third‑party resilience, collaborate across the industry, and keep boards regularly updated through dynamic self‑assessments.

To find out more, please click here

The Cost of Complacency: Cyber Threats Facing UK Financial Firms

Read here an article from the PIMFA Journal #32 by Kerrie Machin, Director of Business Development at Mitigo, highlighting that cybersecurity is now a battleground where complacency is no longer an option

HM Treasury: Artificial Intelligence and Cybersecurity – Navigating Risk and Resilience in the Financial System

HM Treasury has published a statement on Artificial Intelligence and Cybersecurity by the G7 Cyber Expert Group (CEG) that advises on cybersecurity policy issues and proactively addresses the emerging and evolving cybersecurity risks AI may pose.

Key areas covered in the CEG statement include:

  • Illustrating the Cyber Impact of AI
  • Maximising Opportunities While Managing Risks
  • Financial Sector Considerations
  • Key Considerations for Financial Institutions and Authorities

Read the statement here.

Almost there...

Complete the quick form below to download the Membership Brochure