Bank of England: financial sector failing to implement basic cybersecurity controls Source: www.theregister.com/2026/01/2… The Bank of England’s 2025 cybersecurity review warns that financial institutions continue to neglect basic security controls despite years of regulatory pressure. The findings are detailed in the CBEST report, produced with the Prudential Regulation Authority and the Financial Conduct Authority, and based on 13 regulator-backed assessments and penetration tests. Common weaknesses included poor access controls, weak password practices, misconfigured systems and inconsistent patching, as well as gaps in intrusion detection. The report also stresses that firms must be prepared to respond effectively to breaches, noting persistent challenges in security culture, staff awareness and training, and warning that technical controls alone are insufficient.
financial sector failing to implement basic cybersecurity controls
Edward Kiledjian
@ekiledjian