How resilience is key to the finance world’s war on cybercrime
The finance sector is naturally a magnet for cybercrime.
The threat is such that G20 finance ministers and central banks said “malicious” IT could “undermine security and confidence and endanger financial stability.”
As banks and financial institutions continue to digitize, the scale of threats is growing, and the cost of incidents is rising.
According to a report by Reserve Bank of New Zealand (RBNZ), cyber incidents in the banking sector could cost up to US$65.9 million every year. That equates to roughly 34 percent of the industry’s annual net profits.
But while financial losses can be recovered, in an industry that relies on it, the same can’t always be said about trust and credibility, and reputations can be severely damaged as well.
Despite the high stakes, the industry hasn’t shied away from digitizing progressively to modernize finance functions, improve financial services, and tap into emerging, lucrative market opportunities.
Increased use of information and communication technologies, such as cloud computing and, of course, robust cybersecurity measures themselves are steadily enabling this transformation.
But today, cyberattacks continue to happen and the threat landscape continues to evolve – even against improved security measures.
That doesn’t mean that cybersecurity solutions are ineffective, instead, it highlights the lack of resilience against the growing state of risk.
Put simply, cybersecurity alone won’t cut it. As they onboard new technology, firms and institutions must now build cyber resilience.
RBNZ cited cyber resilience as “the ability to withstand, contain, and rapidly recover from a cyber incident by anticipating and adapting to cyber threats and other relevant changes in the environment.”
Building cyber resilience takes more than just deploying security solutions; it is about prioritizing a security-first mindset, practicing a work culture that ingrains security at every operational process, and strategizing security measures with agility in mind.
At the same time, resilience involves investing in and equipping the network operating system with the right capabilities to tackle threats without causing so much downtime.
The key here is to make sure financial data is protected, backed-up and can be recovered to maintain clients, stakeholders and investors’ confidence.
The bank also said: “If a cyber incident compromises the availability, integrity, or confidentiality of this data, then it can lead to panic and flow-on effects that lead to instability in the financial system.”
Clearly, the paradigm of cyber resilience transcends the mere notion of leveraging a solution to fend off attacks – it is about being one step ahead of threats and never letting it disrupt operations.
When cyber resilience is non-existent, financial stability will be compromised. Building resilience is, without a doubt, a vital digital transformation strategy that will be discussed more extensively in the very near future.
As financial operating network systems grow more complex and digital every day, ingraining a culture of readiness to face threats and risks needs to be a part of the institutions’ DNA.
Without it, the industry can only dream of being stable, reliable and credible in an aggressively competitive digital market.