Cyber Risk

Data breaches are serious problems for firms because it leads to losing public trust and causes customer insecurity and detriment. Consumers can lose their identity, money, and sensitive data. It is the responsibility of a firm to communicate with their customers upfront about cybersecurity and measures they must take to prevent and protect their personal data and private information.

The GDPR (General Data Protection Regulation) and DPA (Data Protection Act) 2018 require organisations to implement appropriate technical and organisational security measures to protect personal data – or risk substantial fines.

Please find resources document here

Cyber Risk Technical Committee


The Cyber Risk Technical Committee has been set up to review the emergence of new cyber risks and to identify best practice in security measures that our members should be investing in.

Areas of focus

  •  Social engineering.
  •  Worms, trojans and viruses.
  •  Incident management.
  •  Cybersecurity governance.

Lisa Laybourn, Head of Technical Policy and Regulation leads on this work at TISA

Participating member firms

Chair: Clive Everett, SS&C DST

Deputy: John Harrison, Charles Stanley

A J Bell Management Limited

ACOLIN Fund Services AG


Aviva Plc

Brewin Dolphin Ltd

Brown Shipley & Co Ltd


Charles Stanley & Co Ltd



Optima Consulting Partners Limited

Quilter PLC

Redmayne Bentley


The Share Centre Ltd

Willis Towers Watson

Winterflood Securities Limited

Financial Crime Groups & Resources

Go to

Digital Groups & Resources

Go to

If you are a TISA member, and would like to get involved with the Cyber Risk work, please get in touch

Go to