Cyber security consultancy and assessor Prism Infosec has joined an elite group of only 16 firms worldwide accredited to deliver regulatory cyber security tests to top tier financial institutions and Financial Market Infrastructure organisations (FMIs) in the UK, as attacks on the UK's financial sector continue to increase.
This CBEST certification is a regulatory-led framework that tests and strengthens the cyber security stature of financial institutions. Administered by international accreditation and certification body, CREST, on behalf of the Bank of England, CBEST is a rigorous cyber resilience test that top UK financial institutions are legally required to undergo every three years.
Cyber breaches in the UK financial services sector have reportedly tripled in recent years. Between 2021 and 2023, attacks on the sector rose from 187 to 640, an increase of over 240%. These reports come as HSBC's UK CEO, Ian Stuart, publicly stated that cyber-attacks are what 'keeps him awake at night', 'because we can be attacked, and are being attacked, all the time'.
Phil Robinson, Founder & CEO at Prism Infosec, said: "The UK is a market leader in helping organisations bolster their defences against online threats. This is due in part to the skills, talent, and capabilities within our mature cyber security sector, thanks to our ever-evolving accreditation and certification schemes.
"CBEST is an example of this. It is a critical, intelligence-led test designed to help financial institutions and regulators – including the Bank of England, Prudential Regulation Authority, and Financial Conduct Authority – better understand a firm's vulnerabilities and weaknesses. We combine penetration testing to evaluate technical security controls with red teaming, which simulates real-world attack scenarios to test an organisation's response and resilience. This insight enables banks to take targeted remedial action to strengthen their defences against potential attacks and other forms of operational disruption."
Founded in 2006, Prism Infosec delivers a range of cyber assessment services to some of the world's largest organisations including major enterprise Silicon Valley firms, media & technology companies, globally significant banks and His Majesty's Government and UK Defence firms. The firm holds a series of industry-leading certifications administered by bodies such as the National Cyber Security Centre (NCSC), UK Government as well as CREST.
Phil Robinson added: "As an independent consultancy we're proud to have achieved this world-class accreditation as a threat-led penetration testing provider under the CBEST scheme. Our team brings decades of experience delivering bespoke services across Critical National Infrastructure, government, and the banking and financial sector, supporting organisations in meeting and exceeding the required regulatory standards.
Holding both CBEST and STAR-FS accreditations, a complementary framework for simulated cyber security testing across the financial industry which we achieved last year, places us among a select group of UK providers trusted to strengthen cyber resilience across the entire financial services sector, including the UK's most critical and top-tier institutions."
