Royal Holloway: Protecting investors from cyber threats

Cover Image

The cyber security of personal investors who use UK investment platforms to manage their pensions or savings is not well understood and not often discussed. Here we ask “What are the principal cyber threats to investors’ assets on UK investment platforms and what can be done to prevent or mitigate these threats?”

To put the research in context, this article summarises first how a growing number of personal investors are being ‘pushed’ online to use new and emerging technologies to manage their finances. Investment platforms are the technology of choice.

It then outlines the development of a maturing criminal economy that is well-positioned to attack personal investors in this evolving sector. Cyber theft from personal investors should be expected to increase, but are investment platforms prepared for such attacks? Cyber security professionals typically use strategic and operational threat intelligence models to make sense of (and thus prevent or mitigate) cyber attacks. This research demonstrates that existing threat models are inadequate to meet the new threats facing personal investors.

Using new synthesised real-world attack data, a new threat model is developed which focuses specifically on the risks to individual investors, not solely on the risks to investment platforms or banks. This allows us to offer some new insights into actual attacks on investors and provides a new threat intelligence capability to anticipate and defend against future attacks.

Mar 22, 2021
Mar 24, 2021
Research Content
Already a Bitpipe member? Log in here

Download this Research Content!