Freely subscribe to our NEWSLETTER

The scheme, launched yesterday, will be run by the Bank of England, CESG (the information security arm of GCHQ) and the Financial Conduct Authority (FCA).

It uses cyber intelligence from the Government and accredited commercial providers to identify potential threats to a particular financial institution. Accredited cyber security analysts then replicate the techniques used by potential attackers to test, in a controlled environment, the impact an attack could have on the institution.

MWR, who as a CBEST accredited supplier can provide these services to financial institutions, have been involved in the development of the scheme alongside other companies within the industry.

Alex Fidgen, Director at MWR InfoSecurity, said: “Clearly the Bank of England is concerned about the sophistication of the growing number of threats being faced by financial institutions.

“MWR has been conducting these types of penetration assessments in isolation over the last four years for specific financial clients, therefore we know it works well – the formalisation of this is very much welcomed."

He added: “It is a major step forward, which couples highly realistic assessment techniques with real threat intelligence to help the UK’s financial industry better protect itself for the future. The CBEST scheme is a step change in information security collaboration.

“This will gauge the systematic financial risk being posed by cyber criminals to the UK, essentially to feed into the Financial Policies Committee (FPC) remit, so UK policy makers will get a real understanding of how exposed financial institutions are. Organisations will then be able to work with the CBEST suppliers to detect previously unidentified risks and the potential impact to their business."

Fidgen said: "We very much welcome the scheme as it is the first real example of threat intelligence providers working together to provide wide-reaching risk assessments that will improve the UK’s financial resilience to cyber attacks."