Skip to main content


Building societies: Cyber threats and solutions

With a rapidly evolving cyber risk landscape, building societies are particularly vulnerable. This article explores the key threats and mitigation strategies.

The cyber risk landscape is evolving rapidly, with organised criminal groups using sophisticated ransomware and access tools to target businesses.  The financial services sector is one of the most vulnerable to cyber threats, with organisations utilising a wide range of online tools and services, while capturing and holding large amounts of sensitive customer data.

Marsh’s data showed that banks and building societies were the financial institutions most affected by cyber incidents in 2021; with the majority of those losses taking place in the UK and Europe. A total of 38% of cyber losses involved third parties, with their actions resulting in a loss of customer data. In addition, the average downtime for organisations has increased 53% year on year in 2022. The typical outage following a cyber incident is now up to 19 days, while according to IBM’s ‘Cost of a Data Breach’ report 2022, the average costs of a ransomware attack, excluding the ransom payment, is more than US$4.5 million.

There has also been an increase in societal risk factors combined with a general uptick in cyber criminality, which further exacerbates the risk to policyholders of a cyber loss. Post-pandemic, large numbers of employees now work from home and this, coupled with the current economic crisis, is likely to lead to an increase in crime insurance notifications, including cyber and computer crime.

At the start of the year, the World Economic Forum’s Global Risk Report highlighted that cybersecurity failures were listed among the top 10 heightened risks following the pandemic in 2022. The growing “work from home” environment and current economic climate could possibly also lead to an increase in social engineering claims, fake president fraud[1] and general employee dishonesty.

Adding to these risks is an increasing cost of professional indemnity and regulator-driven directors’ and officers’ insurance claims. Consequently, these factors lead to social inflation[2], which is inclusive of anti-corporate sentiment, an increase of both frequency and cost of litigation, and wider access to funding for litigation. 

In this environment, all organisations need to focus on their cyber security controls. This includes specialist technology, protocols for responding to a cyber incident, and training for staff and customers alike.  For building societies, much of the risk is likely to centre on privileged access accounts and the risk of their details being exploited by criminal entities.  Any data breach involving the loss of third-party data could lead to claims from customers in addition to potential regulatory involvement. Effective privileged access account management is crucial in preventing ransomware incidents; attacks that can result in major fallout for both system availability and accessibility. Marsh believes that online security and protection is vital for customers in today’s digital banking world.

What is important from an insurance perspective?

According to the UK government’s Cyber Security Breaches Survey 2022, around four in five (82%) of boards or senior management within UK businesses rated cyber security as a “very high” or “fairly high” priority in 2022; a marked increase from 77% in 2021. Similarly, 50% of businesses say they now update the board on cyber security matters at least quarterly. As a result of this increased engagement, there is now a greater awareness and consideration of cyber issues. These are regularly being discussed during board meetings where the ability to provide quantifiable loss scenarios are examined to create a clear understanding of the financial, legal, and reputational fallout from a cyber-event. Tools such as cyber risk quantification, impact assessment, and an understanding of security strategy are now regularly applied during client renewal conversations as standard.

Risk managers are looking for economic solutions from their financial lines insurance broker in order to deliver bespoke risk reports for their respective building societies. This will aid them in managing and mitigating their cyber exposure. Other key strategies that are important to consider from a cyber perspective are reviewing insurer relationships across product portfolios, applying risk finance optimisation to assess cyber-loss impact, and combining financial lines with cyber coverage gap analysis.

 [1] Fake president fraud is a type of scam in which a criminal posing as a company executive convinces an employee to voluntarily transfer a large sum of money directly to the criminal’s account.

[2] Social inflation refers to the improved awareness and understanding of insurance cover and claims in society as a whole, which leads to an increase in claims costs.

Meet the authors

Will Davis

Will Davis

Vice President, Financial Institutions, FINPRO

Sarah Lightfoot

Sarah Lightfoot

Vice President, FINPRO