UK financial services regulator to link top banker bonuses to IT performance – ComputerWeekly.com 16 Jan 2019
Financial Services Firms Face Increasingly High Rate of Cyberattacks – biztechmagazine.com 27 Sep 2018
How a Cyber Attack could cause the next Financial Crisis – Harvard Business Review 14 Sep 2018
Deloitte hit by cyber-attack revealing clients’ secret emails – The Guardian 25 Sep 2017
Anyone working in financial institutions should be aware of how important cyber security is to any organization.
In fact, some specialists think that the next financial crisis will come, not from a financial shock as in the GFC, but from a cyber-attack bringing the financial system screeching to a halt and causing massive economic disruption as a result.
We have already seen banks in SEA having ATM’s disrupted for a short period of time. Imagine if a cyber-attack stopped people from getting cash out to buy food and credit cards didn’t work for a while? A system wide cyber-attack could be orchestrated by a rogue nation or just be the result of cyber criminal’s malware going viral…sorry for the pun.
The simplest slip of your defenses can bring any institution crashing to its knees.
There are three types of defenses –
1. Good processes, policies and procedures
2. Top IT protection including fire walls and virus protection software
3. Well informed and well-trained employees throughout the institution
People may think that if management set down good procedures and policies and have the latest IT protection then that will suffice. Many institutions think that if they train their key IT people, and a few others, this is all is needed on the human side, but if that is the policy then a bank or company is leaving themselves open to unnecessary risk.
Everybody who has access to ANY computer, tablet or tool that is connected to the company system needs to be trained in Cybersecurity. It only takes malware entering through an innocent attachment on a recognized email address, a friendly looking USB or storage device, or use on the wrong Wi-Fi and suddenly you are in real trouble and may not even know about it.
Even companies that are experts in Cyber Security can be made to look to have eggs on their faces if they get complacent. As an example, Deloitte’s, one of the top “big four” accounting firms globally, who provide cybersecurity advice to banks and multinationals, were the victim of a cybersecurity attack that went unnoticed for months and in which hackers may have accessed usernames, passwords and personal details of top accountancy firm’s blue-chip clients. The damage it caused reputationally and financially is difficult to quantify.
And to make sure Banks take notice of the risk and act, the regulators are taking action. In the UK, the FCA will reduce the bonuses of bank leaders if security failures at banks cause disruption and outages to customer services or data breaches. The FCA has identified a worrying increase in IT failures at banks. Bank have massive IT operations and as they move to new technologies, driven by competition and customer demand, IT failures are increasing and causing problems for customers.
Banks should take this seriously and ensure all three sides of the Cyber defense are bolstered, if nothing else than to protect them where it most hurts, in their pockets. But in many ways the biggest penalty to any financial institution is in its damage to its reputation and perception of trust in its customers eyes. And Cyberattacks are increasing in ferocity and regularity. Training all staff on how to behave so that needless breaches are avoided is key and if recognized by authorities can also save money in insurance premiums as well as preventing obvious potential financial and reputational loss.
As usual it starts with the fundamentals -
Intuition has an excellent Cybersecurity module which prepares an institution’s employees with the knowledge and skills to become part of a key defense against cyber-attacks. It provides initial training which is followed up with one year of analytics and new information on fresh cyber threats and how to deal with them.
The Intuition Know-How Library consists several tutorials related to this article:
Operational Risk Management
Global Financial Regulation
For Intuition blended learning related to this article, some of our popular workshops include:
The topics covered in Intuition Asia Perspectives are current developments or topics currently in the market. Intuition Asia provides bespoke learning solutions, both eLearning and Instructor-led courses. These can also be blended in a program to provide the most effective form of learning. These workshops can be structured as lunch & learns, webinars or full day deliveries. Clients can use these to keep their workforce updated with the latest developments in the market and complete their mandatory CPD learning hours.
Please download Intuition Perspective App from app store