Symposium Report Summary
12:00 Thursday, 21 April 2022
UK CYBER SECURITY COUNCIL
Promoting London’s position as a global hub for secure and trusted financial services
In March, leading cyber security specialists and associated partners came together as we hosted the first UK Cyber Skills Symposium in partnership with City University of London and The Worshipful Company of Information Technologists.
Chaired by Serena Chaudhry Pandey – Associate Director of Data Minr and Freeman of the City of London Technology Livery Company – participants at the event discussed how London should use the formation of the UK Cyber Security Council to ensure the city remains at the forefront as a global hub for secure and trusted financial services.
Keynote speakers at the symposium were:
- Simon Hepburn – CEO, UK Cyber Security Council.
- Michael Mainelli – Alderman & Sheriff of London 2019-2021.
- Chris Ensor – Deputy Director of Cyber Growth, The National Cyber Security Centre.
- Glen Marr – Senior Director (EMEA), Luxoft.
- Damian Heal – Senior Vice President, Citibank.
- Paul Maskall – Manager of Fraud & Cyber Crime Prevention, UK Finance.
The keynote speakers were joined by a range of panellists:
- Dr Indranil Nath – Global Vice President, PNC Insurance.
- Chris Dimitriadis – Chief Global Security Officer, ISACA.
- Professor Rajarajan Muttukrishnan – Founding Director of the Institute for
- Cyber Security at City University London.
- Vanessa Tran – Founder, Forefront Future.
- Clar Rosso – CEO ISC2.
A summary of key discussion points at the event is below.
Simon Hepburn, CEO, UK Cyber Security Council
The UK enjoys a position as one of the highest net-exporters of financial services, with London often cited as the world’s financial capital.
As the gaze of global commerce looks towards the UK, its institutions and the major financial players based here to counter a new, growing threat - cyber-attacks – it’s imperative to develop a world-leading cyber security sector in the UK.
To achieve this, we need to forge the pathways to create a diverse, vibrant and inclusive sector. We need to build the case for investment in cyber security investment with C-suite decision makers across the world of financial services. And we need to equip people with the skills businesses to bolster their cyber defences.
Why is cyber security important in the sector?
Statistics from the parliamentary research briefing into the UK’s financial services (December 2021), clearly demonstrate the importance of the UK’s insurance, fintech and banking sectors. Despite this dominance, a major threat to this leading position remains the ever-increasing risk of cyber security breaches.
The UK finance industry needs to be especially cautious, given the wealth of data it possesses. As the industry becomes increasingly digital, so too has the appeal of cyber-attacks as an increasingly lucrative venture. Without rigorous security in place, financial institutions across the UK jeopardise their future.
FIVE STEPS TOWARDS A CYBER SECURE FUTURE FOR UK FINANCIAL SERVICES
Our symposium revealed five essential key steps for the successful integration of cyber security and financial services required to ensure the UK’s continued prosperity. These include:
- Creating recognised and aligned standards.
- Delivering diversity.
- Cultivating soft skills to bridge the gap between cyber and the C-suite.
- Ensuring leading edge knowledge.
- Building the UK’s cyber skills – now.
1: ALIGNED STANDARDS
Currently, there’s an abundance of standards and certifications for individuals and businesses to work towards regarding cyber and information security. From certifications and courses for entry-level cyber security professionals, to those operating at the higher echelons of the profession, there’s no shortage of options available.
Throughout the symposium, the importance of creating aligned standards to aid clarity and understanding was a hot topic. The discussion highlighted the importance of bringing different clarity to the varying levels of cyber security expertise and building understanding with financial services firms about the kinds of support they may require.
2: DELIVERING DIVERSITY
The UK is dependent on a thriving cyber security sector to remain a safe and prosperous place to live and do business. Diversity and inclusion are fundamental to this. The sector needs to attract and retain the best talent and foster diversity of thought. It’s vital that those within the cyber industry workforce can thrive to reach their full potential, regardless of their gender identity, ethnicity, disability, sexual orientation or socio-economic background.
3: SOFT SKILLS – BRIDGING THE GAP BETWEEN CYBER AND THE C-SUITE
Access to basic and specialist cyber security expertise is important for financial services firms that want to ensure they’re protected against growing cyber threats. However, simply employing cyber specialists, or having a third-party cyber security partner in place, isn’t necessarily enough.
Another of the key elements of successfully bringing cyber security and financial services professionals together highlighted at the symposium was the importance of soft skills. More cyber security experts with these skills would allow staff to better articulate the business case for investment into cyber security to board members across the C-suite.
4: LEADING EDGE KNOWLEDGE
With advancements in technology, hackers are becoming more skilled at finding holes and cracks in corporate security systems and can gain access to protected files and data, posing a significant cybersecurity threat.
This demonstrates the importance of cyber security professionals ensuring they keep abreast of the latest technology and are up to date with hardware and software developments such as artificial intelligence and machine learning.
5: CYBER SKILLS – NOW!
Having the skills and capability in-house to manage cyber risk effectively can reduce the financial cost to a business from cyber-crime, and it can also increase consumer confidence – providing that business with a competitive edge.
Although there are rising numbers of people with cyber security degrees and qualifications, this still falls way short of industry demand. Further down the education system, there’s still a long way to go as the number of young people taking IT subjects at GCSE level has dropped 40% in the past six years (Source: computerweekly.com).
Training opportunities must diversify to include apprenticeships, and a broader, more inclusive set of qualifications and certificates.
In summary, we need security through collaboration...
For the cyber security and financial services sectors to thrive, partnership across government, academia, education and industry is essential. Stakeholders from within each need to work together to evaluate experience, share resources and align standards in a consistent way across the industry.
The symposium showed clearly that there was a real will to collaborate across disciplines to the benefit of financial services, cyber security and the UK as a whole. Now is the time to act on that goodwill and openness to turn shared aspirations into meaningful actions.