top of page
< Back

Financial Institutions

The growing frequency and severity of hybrid threats - such as cyber-attacks, sabotage, and covert influence operations - are putting the UK’s financial sector at greater risk. Safeguarding your organisation’s assets has therefore become a national priority.

Why your support matters


Hostile state actors are using hybrid attacks in a sustained campaign designed to test response thresholds, normalise major disruption and exploit systemic weaknesses across vital interconnected systems. They are seeking to undermine the business operating environment.


The scale and nature of hybrid threats exceed the capacity of any one institution to tackle. Protecting the financial sector requires a coordinated national approach, including:


  • Strategic Intelligence Integration: sharing state-level threat intelligence in real-time.

  • Systemic Stress Preparedness: testing how the sector holds up against a multi-pronged attack on its digital, physical and psychological foundations.


For leaders of financial institutions, this evolving threat landscape indicates that resilience cannot be achieved by operational measures and private investment alone. It requires engagement in the broader national security framework within which your assets function, with action required now to not only safeguard your critical business operations but the wider financial system which upholds the prosperity of our society as a whole.


What The Resilience Imperative will do


We will advance the need for action to protect our financial services in three ways:


  1. Raising public awareness of hybrid threats facing the UK’s financial services

  2. Building a public mandate for increased defence and security investment to keep us safe

  3. Fostering closer collaboration across industry, government and the public.


We need your support to do this.


The value of joining The Resilience Imperative


By becoming a corporate member of The Resilience Imperative, your organisation will help strengthen the UK’s resilience to hybrid threats, bolstering the security environment that underpins your operations, while accessing the following strategic value:


  • Insight and Forecasting: receive fortnightly resilience and hybrid threat reports delivering structured, sector-specific analysis alongside macro-level assessments of the UK threat environment, through our relationship with Sibylline. This reporting aims to improve awareness and inform resilience planning for organisations operating across the UK’s financial sector.


  • Leadership Forum and Strategic Dialogue: participate in senior-level forums and cross-sector engagement through our relationship with Resilience First, to foster strategic dialogue and share best practice to assist with benchmarking exercises.


  • National Security Leadership: demonstrate your organisation’s active contribution to strengthening UK national resilience and security. By supporting this initiative, you signal to government, industry peers and the public that your organisation recognises the increasing threats and is committed to safeguarding the infrastructure upon which the UK economy and wider society depends.


Hybrid Threats: Specific Case Studies


The financial sector attracts the second-largest share of state-sponsored cyberattacks worldwide, trailing only political institutions. Treating these as isolated IT incidents rather than a strategic campaign precisely designed to undermine the business operating environment leaves your institution reactive, rather than resilient to further shocks which are already occurring.


In an era of escalating hybrid warfare, the UK faces sustained attacks that are not abstract risks, but current realities. Here are some examples:


  • Kinetic Sabotage of the Digital Backbone Baltic Sea Cable Incidents - 2025 - recent suspected sabotage or damage of subsea data cables in the Baltic Sea demonstrates the vulnerability of the physical infrastructure that carries 95% of international financial data.


  • Impact - coordinated accidental damage to cables, combined with GPS jamming, can de-synchronise high-frequency trading (HFT) and timestamping, causing market flash crashes and freezing international settlement finality.


  • Insurers targeted – in 2025 ‘Scattered Spider’, a cyber criminal group known for infiltrating high-value targets through social engineering launched major attacks. Having previously targeted US casinos and major retailers - including a debilitating breach at Marks & Spencer (M&S) - the group is now believed to be probing insurers and financial institutions. Insurers are also contending with the financial implications of large-scale claims. The M&S breach, linked to ‘Scattered Spider’, is expected to result in a cyber insurance pay-out of over £100 million.


  • Cyber-attacks – in 2024 they are estimated to have cost British businesses £14.7 billion, accounting for 0.5% of GDP and growing every year.


  • Ransomware attacks - In 2024 65% of financial services firms were hit with ransomware attacks, according to cyber security company Sophos. This was up from 34% in 2021 and marked the third successive annual rise.


  • Bank attack – in 2024 Santander confirmed it had been the victim of a cyber-attack after a hacking group calling itself ‘ShinyHunters’ claimed to have gained access to 30 million customers’ bank account details.


  • Hacking group disrupted - in 2023 the UK government disrupted a Russian hacking group known as ‘Sandworm’ which was responsible for a series of destructive cyber-attacks, including the NotPetya ransomware attack in 2017, which caused an estimated $10 billion in damages worldwide. In a financial context, such attacks aim to create a crisis where the market loses the ability to verify who owns what assets.

bottom of page