Cybersecurity Should be Top of Mind for Financial Firms

From blockchain to connectivity via APIs (application programming interface), the financial industry is undergoing a digital transformation where processes are being automated and streamlined to provide a better customer experience.

With the increasing focus on digitalization, companies must not lose focus in safeguarding their internal operations. Image Courtesy: IFSEC Global

While the industry has made strides in adopting technology-based processes and increasing interorganizational connectivity, financial institutions shouldn’t neglect their responsibility to uphold stringent cybersecurity standards of their internal operations.

In the last five years for example, the financial industry has experienced several high-profile attacks including malware attacks on the Banco de Chile in 2018 and the infamous Bangladeshi central bank heist in 2016 where US$81 million was stolen by hackers.

In fact, concerns about cyber-security within financial services is probably one of the top roadblocks for companies when looking to revamp their internal treasury management operations. This is according to a recent survey conducted by Asset Benchmark Research (ABR) where 59% of CFOs/treasurers polled said that concerns over cybersecurity and the safeguarding of sensitive data were the reasons for not implementing digital treasury functions.

The reliability of a financial institution’s cyber-security processes is increasingly becoming a persuasive factor for companies when selecting a service provider to partner up with 56% of survey ABR participants saying that a bank’s ability to detect cyber-fraud would greatly improve the chances of working with a particular institution.

The immediate reality of cyber-security is something that all banks of all sizes need to grapple with at some point of their development particularly if they are looking at increased digitalization.

“Cyber-threats exist regardless of the bank’s size or location. Smaller banks in developing markets often have fewer resources for cyber defense and internal controls, making them an easy target for financial theft,” observes Sophia Lee, vice president and senior credit officer at Moody’s. “In contrast, larger banks in advanced and wealthy markets have more resources but are at greater risk because of more widespread digitalization and the high value of the data they house.”

According to a recent research note by Moody’s, most cyber-attacks on banks involved distributed denial of service (DDoS) where cybercriminals overload a financial institution’s server with information causing a slowdown in online services.

The research note suggests that a successful attack on a large, highly interconnected bank could pose  systemwide risk. A study by the Ponemon Institute estimates that the average annual cost of a cyber-crime for a company in a bank sector was around US$18.4 million in 2018.

Despite the concerns over cyber-security within banking and finance, there are nevertheless counteractions being put in place to ensure reliability across the sector. Government regulation that encourages banks to invest in cyber-security will be a significant catalyst for banks to upgrade their security processes. For instance, in South Korea there is a law stating that 7% of a financial institution’s budget should be dedicated to cyber-security.

However, financial firms cannot do this on their own and must also rely on the proactiveness of the companies they serve to also safeguard their own information. With cyber-security being a chief concern for many businesses, CFOs and treasurers shared on the ABR survey that they are putting in place measures to enhance cyber-security internally with most establishing a well-controlled environment (e.g. token logins and two-factor authentications) or by educating colleagues on best practices on cyber-security.

Source: The Asset