Login to profile

Launch of STAR-FS brings greater resilience to financial services sector

We are delighted to have collaborated with the UK’s Bank of England (BoE), Prudential Regulation Authority (PRA) and Financial Conduct Authority (FCA) on the latest framework for the financial sector, Simulated Targeted Attack & Response assessments for Financial Services (STAR-FS).

STAR-FS focuses on intelligence-led penetration tests (ILPT), providing financial institutions the opportunity to assess their cyber resilience using a consistent, high quality standard.

The assessment helps financial institutions better understand any vulnerabilities and improve their defences against potential attackers. By taking the appropriate remedial actions, they can both safeguard their businesses and infrastructure, and in turn protect the wider financial system.

CREST continues to champion and help drive forward the standards needed worldwide to meet the challenges and demands, not only within the financial sector, but across all industries potentially affected by cyber threats.

The launch of STAR-FS will bring even greater surety and stability to the financial sector, and as a leader within the global cyber security community, CREST will roll-out this vital assessment framework internationally.

The Bank of England, Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA) have concurrently announced following:

We are pleased to announce the launch of a new threat-led penetration test assessment for the UK Finance Sector. STAR-FS is now part of the PRA and FCA supervisory toolkit, which also includes CBEST, to assess the cyber resilience of firms’ important business services. This assessment enables regulators and firms to better understand vulnerabilities and take remedial actions, thereby improving the resilience of individual firms and by extension, the wider financial system.

STAR-FS promotes a threat-led penetration testing approach that mimics the actions of cyber threat actors’ intent on compromising an organisation’s important business services and the technology assets and people supporting those services.

STAR-FS aims to provide:

Here is a short list of STAR-FS unique features:

How to become accredited as a CREST STAR-FS provider:

To become CREST accredited to deliver STAR-FS assessments, please email to [email protected].  The accreditation requirements are:

The CREST UK STAR-FS Implementation Guide is available on the Bank of England website:  https://www.bankofengland.co.uk/financial-stability/operational-resilience-of-the-financial-sector.