British banks and other financial services firms were given three months on Thursday to explain how they can avoid damaging IT breakdowns and respond to the growing threat of cyber attacks.