Most organizations today acknowledge that they must embrace new technology and continually innovate in order to remain competitive and relevant. However, in the rush to modernize their systems and operations, many introduce vulnerabilities across their business, and expose themselves to a growing number of risks. This can happen, for example, when moving critical systems into the cloud. Cyber-preparedness and -planning are further complicated by the evolving regulatory and threat landscape. This, coupled with other developments and trends, makes for a challenging situation in safeguarding cybersecurity as a risk function while also enabling the business and protect customers, products, production and supply chains whilst staying within budget restrictions.
A comprehensive cyber posture assessment is a practical approach to address these challenges. It reveals whether the current setup is able to meet evolving cyber threats and highlights focus areas for future investment. In the Swiss market, we observe growing demand for assessments to prepare for the migration of critical IT systems into a public cloud. For financial services institutions in particular, this move is further complicated by applicable FINMA regulations such as the Circulars 18/03 “Outsourcing” or 08/21 “Operational Risks for Banks”. Given the far-reaching impact of the topic, the quality of such an assessment is extremely important. A good assessment will add value, provide guidance to adhere to relevant regulations, be based on industry best practice and be tailored to the unique threat scenario of the organization.