UK banks not ready for future cyber threats, research reveals

By Vriti Gothi

A report by Hack The Box reveals that many UK financial firms are unprepared for emerging cyber threats expected in the near future.

A large number of UK-based financial institutions are not adequately prepared for a new wave of powerful cyber threats expected to emerge in the coming years. Despite clear warnings from authorities and growing technological risks, most financial firms have yet to take meaningful action.

Hack The Box examined the annual reports of financial companies listed in the FTSE 350, one of the UK’s most important stock market indexes. The findings are concerning. Only a small portion of these firms have mentioned these future risks, and even fewer are actively hiring experts with the necessary skills to prepare for them. According to the research, just 14% of financial services companies addressed the issue, and less than 2% are currently recruiting for roles related to future-proof cybersecurity.

This lack of readiness comes at a time when UK authorities, including the National Cyber Security Centre (NCSC), have issued clear guidelines urging businesses to prepare now. These guidelines include a deadline to upgrade digital systems and defences by 2035. The aim is to ensure companies are equipped to handle cyber threats driven by next-generation technologies, which could render today’s security systems obsolete.

For the financial services industry, which handles vast amounts of sensitive customer data, this issue is particularly urgent. Delaying action could leave systems vulnerable to attackers who might steal encrypted data today and unlock it in the future, using more advanced tools that can break current encryption methods.

Haris Pylarinos, CEO, Hack The Box, said, “This doesn’t mean companies have failed but it does show they are at a turning point. If they wait too long, they may not have the people or tools needed to protect sensitive information. One big risk is that attackers might steal data now and unlock it years later, once modern technologies make it easier to break today’s security.”

To help address this gap, Hack The Box has launched a new hands-on training programme. The programme is designed to help cybersecurity teams develop practical skills for defending against future threats. By focusing on real-world simulations, the training aims to turn expert warnings into everyday action within companies. This type of learning environment is rare, and Hack The Box hopes it will lead to stronger defences across the financial sector.

The financial industry has always been a top target for cybercriminals, and the risks are only growing. While technology is advancing rapidly, it’s clear that many businesses are not keeping pace in terms of cybersecurity planning, hiring, and training.

The message is clear: the knowledge, tools, and training are already available. What’s needed now is leadership, awareness, and swift action. For UK financial firms, the time to prepare for tomorrow’s threats is today.