Prism Infosec has become one of only 16 firms worldwide accredited to deliver CBEST cyber security testing to the country’s top financial institutions and FMIs.
The company, founded in 2006, specialises in penetration testing and regulatory-led cyber security assessments for financial institutions, government bodies, and major enterprises.
The acquisition of CBEST certification marks a significant milestone for Prism Infosec, enabling it to strengthen cyber resilience across the UK financial sector at a time when cyber-attacks are rising sharply. The company is now part of a select group of providers authorised to conduct these mandatory tests every three years, as required by UK regulators.
Prism Infosec offers a full suite of cyber assessment services, combining penetration testing with red team simulations to expose vulnerabilities in an organisation’s systems and defences. The CBEST framework, administered by CREST on behalf of the Bank of England, is designed to provide a clear picture of cyber resilience for financial institutions, enabling targeted remediation strategies to be implemented effectively.
Cyber breaches in the UK financial services sector have increased dramatically, rising from 187 reported attacks in 2021 to 640 in 2023, an increase of more than 240%. HSBC UK CEO Ian Stuart has previously highlighted cyber threats as his biggest concern, saying they “keep him awake at night” because “we can be attacked, and are being attacked, all the time.”
Prism Infosec already holds multiple industry-leading certifications, including STAR-FS accreditation for simulated cyber security testing, which it achieved in 2023. The addition of CBEST strengthens its position as one of the UK’s most trusted providers of threat-led penetration testing and cyber resilience solutions.
Prism Infosec founder and CEO Phil Robinson said, “The UK is a market leader in helping organisations bolster their defences against online threats. This is due in part to the skills, talent, and capabilities within our mature cyber security sector, thanks to our ever-evolving accreditation and certification schemes. CBEST is an example of this. It is a critical, intelligence-led test designed to help financial institutions and regulators – including the Bank of England, Prudential Regulation Authority, and Financial Conduct Authority – better understand a firm’s vulnerabilities and weaknesses. We combine penetration testing to evaluate technical security controls with red teaming, which simulates real-world attack scenarios to test an organisation’s response and resilience. This insight enables banks to take targeted remedial action to strengthen their defences against potential attacks and other forms of operational disruption.”
He added, “As an independent consultancy we’re proud to have achieved this world-class accreditation as a threat-led penetration testing provider under the CBEST scheme. Our team brings decades of experience delivering bespoke services across Critical National Infrastructure, government, and the banking and financial sector, supporting organisations in meeting and exceeding the required regulatory standards.”
For more, find on RegTech Analyst.
Keep up with all the latest FinTech news here
Copyright © 2025 FinTech Global
