Regulator warns of hybrid working crackdown

The Financial Conduct Authority (FCA) has warned it will be examining the move by firms to a hybrid working model and how it may impact their ability to meet regulatory rules.

It has published new guidance to companies operating a remote or hybrid working model which announced companies will be evaluated on a case-by-case basis and should be able to prove that the lack of a centralised location or remote working does not or is unlikely to affect the company’s ability to meet the threshold for the for the regulated activities it has or will have permission for.

The guidance added that companies needed to ensure that remote working does not affect the ability of the firm to oversee its functions, cause detriment to consumers, damage the integrity of the market, increase financial crime or reduce competition.

Other advice contained in the proposals include the need for companies to have the necessary planning in place. Recommendations include firms need to ensure they have the systems and controls, including the necessary IT functionality, to support the above factors being in place, and these systems are robust. Additionally, companies are told they should also ensure they have considered any data, cyber and security risks, particularly as staff may transport confidential material and laptops more frequently in a hybrid arrangement.

Companies are also warned to consider the full legal implications of their business of this type of arrangement and how key functions will be performed, overseen and based. Firms are also advised to manage systems and controls effectively, including digital capabilities such as the ability to access records/systems, whether the firm in question relies on physical documents and what arrangements have been made for their security and access.

Responding to the guidance, technology expert Sridhar Iyengar, managing director, Zoho Europe, said, “The FCA is right to warn financial services firms about the risks associated with hybrid working, particularly around challenges such as regulatory requirements, data compliance and accountability. The Covid-19 pandemic has forced through many positive changes in terms of working practices, yet far too many companies still lack the training & assessment of personnel and the IT infrastructure and systems to ensure complete compliance.

“Moving forward, organisations seeking to build a truly safe and secure hybrid working culture must look towards operating systems that can offer key applications to manage everything from collaboration and finance to analytics and customer engagement. This will bring a new level of safety and security to remote working, helping to keep companies compliant in line with FCA standards,” added Iyengar. Security specialist Tim Sadler, CEO of Tessian added: “A hybrid working model brings with it huge benefits in terms of employee wellbeing, cost saving and flexibility, but also substantial cyber risks. The FCA is right to raise awareness of the need for companies to carefully consider how they manage remote working operations to ensure they remain compliant at all times. As well as ensuring the right security systems are in place, it’s essential that staff are fully trained about the risks posed in terms of data security around incorrectly addressed email correspondence as well as external threats like phishing emails, ransomware attacks. Financial services organisations manage valuable and critical data, and it’s so important that they do not allow flexible working practices to put them at risk of a breach.”

Cyber expert Chris Ross, SVP International at Barracuda Networks said, “Hybrid working brings with it many security challenges, particularly for firms operating within the financial services sector, so this guidance from the FCA is a welcome step for helping businesses reduce risk. With ransomware attacks on the rise, keeping companies fully aware of their regulatory responsibilities when managing remote working models is an essential step, alongside the necessary security systems and training for staff. Ross continued, “Our recent research has shown that 81% of IT leaders admitted that their organisation had suffered a security breach in the last 12 months. Worryingly, companies operating a remote or hybrid working model had a substantially higher breach rate, at 85% compared to office-based businesses where the figure was 65%. Worse still, three quarters of those surveyed stated that they had been the victim of at least one ransomware attack. It’s therefore vital that all companies operating hybrid working models remain compliant and acutely aware of potential security risks at all times.”

The guidance added that companies needed to ensure that remote working does not affect the ability of the firm to oversee its functions, cause detriment to consumers, damage the integrity of the market, increase financial crime or reduce competition.

Follow us on twitter: @risksEmerging

Devout Roman Catholic Joe Biden meets Pope Francis in the Vatican at a time when the U.S. president is under pressure from conservatives in the Church for his conflicted position in the dispute over abortion rights https://reut.rs/3jIoSvR

- Lazarus wants to add you as a friend
- Bad guys with benefits
- Game of Ransomware Thrones
We just released our 2022 Threat predictions: https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/mcafee-enterprise-fireeye-2022-threat-predictions #infosec @Raj_Samani @John_Fokker

Yubico uzupełniło rodzinę kluczy YubiKey o model Security Key C NFC - jest to doskonale znany, niebieski klucz FIDO2/U2F/Webauthn z portem USB-C
#yubikey #itsecurity #cyberbezpieczeństwo

SENIOR JAVA FULLSTACK DEVELOPER
#Job
#Lebanon
#Programming
#DigitalMarketing
#cybersecurity
#AI #DataScience #MachineLearning #BigData #100DaysOfCode #Python #DeepLearning #IoT
#CodeNewbie
#flutter
#nodejs
#javascript
#react
#Java
#DEVCommunity
#devel
https://wmktech.com/jobs/senior-java-fullstack-developer-qjnh-1635251555

Europol arresta 150 sospetti e confisca 26,7 milioni di euro nell'operazione Dark HunTOR.

#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecuritynews #privacy #infosecurity

https://www.redhotcyber.com/post/europol-arresta-150-sospetti-e-confisca-26-7-milioni-di-euro-nell-operazione-dark-huntor

Open Source Tools - It is our first FREE edition dedicated to various software from Github! Each tutorial is written by the author! https://hakin9.org/download/hakin9-open-open-source-tools/

#infosec #cybersecurity #redteam #pentest #pentesting #hacking #hackers #coding #opensource #OSINT #python

Maggiore #sicurezza negli #acquisti #online e con carte di credito
#CyberSecurity @IBMItalia #IBMItalia #IBM
https://ibm.biz/acquistisicuri

Load More...
SHARE: