Today, financial services firms operate in a world of increasing technological advancements, complexity and international markets.
Our firms face new cybersecurity risks daily, delivered from any corner of the world. Cyber-attacks are costly. A recent report has shown that cyber breaches are projected to cost the global economy $6 trillion by 2021. Not only are the financial implications high, but the damage to your firm reputation can be just as significant.
What is cyber resilience?
Cyber resilience is an organisation’s ability to continue operating, and recover promptly, despite suffering from an adverse cyber incident. It is a subset of operational resilience and, while subtly different, it is related to technology resilience.
IBM’s 2016 Cyber Security Intelligence Index says that healthcare, financial services, and manufacturing are the top three sectors targeted by hackers due to of the vast quantity of personal information and potential monetary gain that exist in those fields.
As noted by IBM’s 2016 Cyber Security Intelligence Index, the financial services industry is particularly vulnerable to cybercrime. These cyber-attacks on financial firms individually, and the financial system at large, continue to expand and evolve at an increasing pace. Given the significant role that technology plays in financial services, cyber resilience is critical to both individual firms and the market as a whole. Operational resilience within financial firms is essential for maintaining financial stability and confidence in UK financial services. Various governing bodies have weighed into recent conversations about cyber resilience within financial markets.
The Bank of England has been clear that firms need to be fully prepared for disruptions, regardless of their source. They have stated, “Extending beyond business continuity and disaster recovery, firms must have plans in place to deliver essential services, no matter what the cause of the disruption. This includes man-made threats such as physical and cyber-attacks, IT system outages and third-party supplier failure as well as natural hazards such as fire, flood, severe weather and pandemic flu”.
The Financial Conduct Authority has also adopted the view that companies need to focus on their cyber resilience. A recent statement said, “At the FCA, we want firms to be resilient and robust. That means you understand what to protect, how you can swiftly detect an attack, and how you can respond and recover. If you can do these, you will have built a successful foundation for cyber resilience”.
As technology develops, and cyber criminals invent new ways of attacking these technologies, it is becoming increasingly important to make cyber resilience an integral part of your firms strategy. Companies such as Equifax have experienced first-hand how not following a structured approach to cybersecurity and resilience can negatively affect a business’s bottom line and reputation. When they suffered a cybersecurity breach in 2017 affecting 150 million people, it ultimately cost them $1.4billion in remedial work.
Such breaches are not the bane of large firms alone. Cybercriminal target companies of all sizes and wreak havoc. Can your firm afford to not be prepared?
Download our ‘Building a cyber resilient firm’ to learn more about how effective planning and a structured approach to cybersecurity can help protect your business.Download white paper