"We are being attacked all the time," says banking giant CEO
Cybersecurity has become HSBC UK’s largest operational cost, chief executive Ian Stuart has told a parliamentary committee, with spending in the hundreds of millions of pounds to protect the bank’s systems from constant digital threats.
“We are being attacked all the time, so the defence mechanisms that you put in are absolutely critical,” Stuart said. “This is our biggest expense in business.
“The amount of money that banks, all of us, will be spending on our systems is enormous today – and it has to be. It has to be because our customers rely on digital technology all the time.”
Stuart appeared before the House of Commons Treasury Committee earlier this week to address rising concerns about cyberattacks targeting major businesses, including recent disruptions at retailers such as Marks & Spencer and the Co-op.
How are banks defending against cyber threats?
— Treasury Committee (@CommonsTreasury) May 21, 2025
Ian Stuart, CEO of HSBC UK, outlines the scale of the challenge and how banks are investing to protect against hackers 👇 pic.twitter.com/rCpKycBK0m
Stuart (pictured below) noted the increasing reliance on digital services, especially as banks reduce branch numbers and shift customers towards mobile and online banking. He said HSBC processes approximately 1,000 payments per second and carries out around 8,000 changes to its IT infrastructure each week. While acknowledging that no financial institution can guarantee uninterrupted service, he said the focus is on rapid recovery.
The comments come amid heightened scrutiny of IT performance in the financial sector. Between January 2023 and February 2025, customers at leading banks and building societies in the UK experienced more than a month’s worth of service outages, according to recent data. These figures exclude the full impact of a major disruption at Barclays that began in late January and affected over half of its online payments during a key payroll period.
Barclays UK chief executive Vim Maru also addressed MPs, attributing the January outage to faulty software from a third-party supplier.
“A software issue was the root cause, and we worked with a third-party provider that provides us with that software,” he said. “We’ve learned the lessons around that. We’ve put a fix in place that means that we won’t have a recurrence.”
Want to be regularly updated with mortgage news and features? Get exclusive interviews, breaking news, and industry events in your inbox – subscribe to our FREE daily newsletter. You can also follow us on Facebook, X (formerly Twitter), and LinkedIn.
