Search
00
GBAF Logo
trophy
Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

Subscribe to our newsletter

Get the latest news and updates from our team.

Global Banking & Finance Review®

Global Banking & Finance Review® - Subscribe to our newsletter

Company

    GBAF Logo
    • About Us
    • Advertising and Sponsorship
    • Profile & Readership
    • Contact Us
    • Latest News
    • Privacy & Cookies Policies
    • Terms of Use
    • Advertising Terms
    • Issue 81
    • Issue 80
    • Issue 79
    • Issue 78
    • Issue 77
    • Issue 76
    • Issue 75
    • Issue 74
    • Issue 73
    • Issue 72
    • Issue 71
    • Issue 70
    • View All
    • About the Awards
    • Awards Timetable
    • Awards Winners
    • Submit Nominations
    • Testimonials
    • Media Room
    • FAQ
    • Asset Management Awards
    • Brand of the Year Awards
    • Business Awards
    • Cash Management Banking Awards
    • Banking Technology Awards
    • CEO Awards
    • Customer Service Awards
    • CSR Awards
    • Deal of the Year Awards
    • Corporate Governance Awards
    • Corporate Banking Awards
    • Digital Transformation Awards
    • Fintech Awards
    • Education & Training Awards
    • ESG & Sustainability Awards
    • ESG Awards
    • Forex Banking Awards
    • Innovation Awards
    • Insurance & Takaful Awards
    • Investment Banking Awards
    • Investor Relations Awards
    • Leadership Awards
    • Islamic Banking Awards
    • Real Estate Awards
    • Project Finance Awards
    • Process & Product Awards
    • Telecommunication Awards
    • HR & Recruitment Awards
    • Trade Finance Awards
    • The Next 100 Global Awards
    • Wealth Management Awards
    • Travel Awards
    • Years of Excellence Awards
    • Publishing Principles
    • Ownership & Funding
    • Corrections Policy
    • Editorial Code of Ethics
    • Diversity & Inclusion Policy
    • Fact Checking Policy
    Original content: Global Banking and Finance Review - https://www.globalbankingandfinance.com

    A global financial intelligence and recognition platform delivering authoritative insights, data-driven analysis, and institutional benchmarking across Banking, Capital Markets, Investment, Technology, and Financial Infrastructure.

    Copyright © 2010-2026 - All Rights Reserved. | Sitemap | Tags

    Editorial & Advertiser disclosure

    Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

    1. Home
    2. >Technology
    3. >How to bolster operational resilience for financial services in three steps
    Technology

    How to Bolster Operational Resilience for Financial Services in Three Steps

    Published by Jessica Weisman-Pitts

    Posted on July 14, 2022

    5 min read

    Last updated: February 5, 2026

    Add as preferred source on Google
    A man focused on his laptop at home, symbolizing the need for operational resilience in financial services. This image highlights the importance of cybersecurity and the three steps to strengthen business continuity.
    Business professional working on a laptop to enhance operational resilience - Global Banking & Finance Review
    Why waste money on news and opinion when you can access them for free?

    Take advantage of our newsletter subscription and stay informed on the go!

    Subscribe

    Tags:cybersecurityfinancial servicesrisk managementcompliancetechnology

    By Pete Bowers, COO at NormCyber

    Great changes are afoot in the financial services sector after new operational resilience rules and guidelines came into force on 31st March 2022. These rules govern the actions businesses must take to prevent, adapt and respond to, recover and learn from various forms of operational disruptions, and require that firms are able to operate within their ‘impact tolerances’ by March 2025.

    Crucially, as laid out by the Bank of England (BoE) and the Financial Conduct Authority (FCA), operational resilience now extends beyond simple business continuity and disaster recovery, into the realm of cyber security.

    With time ticking over financial services organisations to demonstrate their cyber resilience to their customers, partners and regulators, there are three areas they should focus on to lay the foundations for success.

    The three pillars of cyber resilience

    Cyber attacks are one of the most severe disruptions for business operations, and can strike unexpectedly with devastating consequences for those ill-prepared to face them. According to data cited in Verdict, the volume of cyber attacks hitting the financial sector globally spiked 200 percent in 2020 alone, and the number of attacks is certain to have grown since then.

    Maintaining adequate resilience against these risks comes down to the three pillars of an effective cyber security strategy, and only by having all three in alignment can the whole organisation remain structurally sound.

    People as an asset, not a weak spot

    When we think about potential weak spots from a cybersecurity position, they often stem from the people within a business itself, and their lack of knowledge about how to avoid pitfalls or report suspected incidents. For example, according to the UK government’s Cyber Security Breaches Survey 2022, out of the 39 percent of businesses which identified an attack in 2022, 83 percent reported that phishing attempts were the most common threat vector.

    Phishing attacks notoriously exploit the ‘human factor’ – our brains’ natural instinct to trust the familiar and respond to pressure – so having staff capable of identifying phishing attempts is one of the biggest assets a financial services organisation can have today. The best way to ensure this is to provide them with the right training and test their knowledge in simulated phishing exercises, and do it in a regular pattern so that vigilance remains high at all times. This way, if a staff member is targeted by a phishing email, they will immediately know how to identify it as such and take the necessary steps to neutralise the threat.

    As phishing remains a convenient and lucrative endeavour for malicious actors, businesses have no alternative but to arm people with the knowledge and confidence to tackle the challenge.

    Processes in place keep attacks at bay

    Secondly, processes must be put in place to ensure decision-makers know precisely what to do in the face of threats. However, such processes can be hard to define in isolation. Fortunately, the National Cyber Security Centre (NCSC) offers certifications including Cyber Essentials and Cyber Essentials Plus which focus on the main areas of concern for cyber resilience. This includes managing firewalls, secure configuration, access controls and malware protection. If these processes are implemented successfully, the NCSC estimates that as much as 80 percent of attacks can be prevented.

    Furthermore, certifications such as ISO27001 can help cover bases which Cyber Essentials doesn’t. For example, while Cyber Essentials tends to focus on data and programmes held on devices, networks and other parts of a business’s IT infrastructure, ISO27001 certification looks at all the data held by a business, whether it be on paper or in digital form.

    Besides prevention, processes must also be in place to deal with the aftermath of a data breach or cyber attack. In these instances, relying on certifications alone won’t ward off operational disruption and a potential GDPR fine. Adequate operational measures must be in place so that the right people can decide on the appropriate course of action – from notifying the ICO to alerting customers and partners – which will always vary case by case.

    Plugging in the right tech for the job

    Finally, the right tools will play a crucial role in ensuring cyber and operational resilience. Gartner predicts that worldwide information security spending will grow 11.1 percent to a total of $187 billion in 2023, much of which will be spent on technology. All of this investment assumes a business has the abundance of skilled and dedicated staff to operate such technology. However, this isn’t always the case, especially in a climate of shortages of hardware and available workers.

    Many businesses simply don’t have the resources to plug into buying new pieces of tech or to take on new members of staff to fill their Security Operation Centres (SOCs). In fact, research shows only 44 percent of businesses have tools to monitor or record instances of breaches. As a result, one in four businesses are turning to external cyber security providers to meet their needs.

    Not a case of if but when

    Time and time again we’re shown it’s never a case of if but when a cyber attack will strike, so burying one’s head in the sand is simply not an option. Instead, businesses must implement full technical controls along with employee cyber awareness programmes and appropriate operational procedures. By having all three pillars of cyber resilience working in concert, businesses can move forward with the assurance that they are doing all they can to maintain operational resilience day in and day out.

    Frequently Asked Questions about How to bolster operational resilience for financial services in three steps

    1What is operational resilience?

    Operational resilience refers to the ability of an organization to prevent, adapt to, respond to, recover from, and learn from operational disruptions, ensuring continuity of services.

    2What is cybersecurity?

    Cybersecurity involves protecting computer systems, networks, and data from theft, damage, or unauthorized access, ensuring the integrity and confidentiality of information.

    3What is phishing?

    Phishing is a cyber attack that typically involves tricking individuals into providing sensitive information, such as passwords or credit card numbers, often through deceptive emails or websites.

    4What is a data breach?

    A data breach occurs when unauthorized individuals gain access to confidential data, potentially leading to data theft, loss of privacy, and financial harm.

    5What is the role of technology in cybersecurity?

    Technology plays a crucial role in cybersecurity by providing tools and systems that help detect, prevent, and respond to cyber threats, enhancing overall security posture.

    More from Technology

    Explore more articles in the Technology category

    Image for Showcasing Digital Leadership – Best Bank for Social Media 2026
    Showcasing Digital Leadership – Best Bank for Social Media 2026
    Image for Innovation Through Partnership: The Role of External Tech Teams
    Innovation Through Partnership: The Role of External Tech Teams
    Image for Nominations Open for Technology Awards 2026
    Nominations Open for Technology Awards 2026
    Image for Nominations Open for Innovation Awards 2026
    Nominations Open for Innovation Awards 2026
    Image for Archie earns industry recognition across G2, Capterra, and SoftwareReviews
    Archie Earns Industry Recognition Across G2, Capterra, and SoftwareReviews
    Image for The Bankaool Transformation: How a Regional Mexican Bank Became a Fintech Disruptor
    The Bankaool Transformation: How a Regional Mexican Bank Became a FinTech Disruptor
    Image for Submit Your Entry Today for Digital Banking Awards 2026
    Submit Your Entry Today for Digital Banking Awards 2026
    Image for Behavioral AI in Financial Services: Moving Beyond Automation Toward Human Understanding
    Behavioral AI in Financial Services: Moving Beyond Automation Toward Human Understanding
    Image for Submit Your Entry for Brand of the Year Awards Technology Bahrain 2026
    Submit Your Entry for Brand of the Year Awards Technology Bahrain 2026
    Image for Entries Now Open for Best Islamic Open Banking Burkina Faso APIs 2026
    Entries Now Open for Best Islamic Open Banking Burkina Faso APIs 2026
    Image for Entrepreneurial Discipline in the AI Economy: Insights from Dmytro Lavryniuk
    Entrepreneurial Discipline in the AI Economy: Insights From Dmytro Lavryniuk
    Image for Entries Now Open for Best New Digital Wallet Innovation Award 2026
    Entries Now Open for Best New Digital Wallet Innovation Award 2026
    View All Technology Posts
    Previous Technology PostThe Digitalisation of the Financial Services Industry Is Accelerating
    Next Technology PostFinancial Institutions Must Start Thinking Differently About Cybersecurity, Risk, and Resilience