Visit our new website to find insights, case studies and more.
Visit our new website to find insights, case studies and more.
Visit our new website to find insights, case studies and more.
The better the question. The better the answer. The better the world works. У вас есть вопрос? У нас есть ответ. Решая сложные задачи бизнеса, мы улучшаем мир. У вас є запитання? У нас є відповідь. Вирішуючи складні завдання бізнесу, ми змінюємо світ на краще. Meilleure la question, meilleure la réponse. Pour un monde meilleur. 問題越好。答案越好。商業世界越美好。 问题越好。答案越好。商业世界越美好。



Maintaining trust in a global, interconnected, digital world

Trust is at the foundation of financial services. To win and maintain the trust of customers, financial institutions must demonstrate consistent dedication to preserving confidentiality, confirming the availability of systems and services, and maintaining the integrity of data. Regulators and all stakeholders who rely on functioning financial markets are demanding this focus.

Maintaining trust has never been more challenging. Cybersecurity threats have moved from attacks on individual institutions to attacks on the financial system at large. In response, regulators are heavily focused on systemic cyber risk and the contagion across firms and third parties. Regulators also expect financial institutions to enhance privacy protections on behalf of customers, who demand their confidential information be well protected across an expanding range of digitally accessible products and services. Financial institutions are transforming with new digital channels, automation and other advanced technologies, introducing real benefits along with new risks.

A new approach to addressing cybersecurity is clearly needed. Viewing cyber risk as an information-technology issue simply falls short. What is called for is an integrated cybersecurity risk management strategy which involves the resources and activities of the entire organization.

Our view is that cybersecurity starts with people – a successful approach has to be talent-centric. Cybersecurity is everyone’s responsibility, from the boardroom to the front line. Elevated awareness of cyber risks and training on how to address them are essential. Beyond awareness, everyone has a active role to play – including business executives, risk, compliance and audit professionals, operational teams, legal and others. Cybersecurity risk management is a team sport. A talent-centric approach depends on a cybersecurity-aware culture and includes training and awareness to be instilled throughout the organization.

A successful cybersecurity risk management strategy has to be:

  • Strategic and innovative: Embedded in strategic decision-making and able to adapt to, and benefit from, transformative innovation
  • Risk-managed and prioritized: Driven by well-governed risk alignment, risk awareness and risk prioritization throughout the enterprise
  • Intelligent and agile:  Able to deliver timely threat identification and response through strong situational awareness and threat intelligence
  • Resilient and scalable: Minimize impact of disruptions, while keeping pace with business growth

Integrated cybersecurity risk management enables financial institutions to achieve positive business outcomes, including improved regulatory alignment, more effective risk management, preservation of brand equity, and increased shareholder value. Such a strategy delivers and maintains trust in financial institutions and markets. Achieving those objectives has never been more important.


EY sees the opportunity

Our fully integrated and globally connected teams create a single, all-encompassing vision for managing cybersecurity risk. Seeing things from all angles means we put cybersecurity at the heart of our clients’ business strategy, to support innovation and help them gain a competitive edge in today’s digital world.

Latest insights

Loading topics...

Related content

March 2019

Podcast: How banks can supercharge their cybersecurity?

February 2019

Kris Lovejoy appointed EY Global Cybersecurity Leader, Advisory

October 2018

ALM Intelligence names EY a leader in cybersecurity consulting

May 2018

Cybersecurity: Risks to the financial services industry and its preparedness

March 2018

The New York State Cyber Rules: Year One and Beyond

March 2018

How to achieve readiness for GDPR compliance

30 January 2018

Europe's new data rules go much deeper than PCI — and many U.S. companies must comply

How to Optimize High-Value Asset Identification

Financial firms need an ongoing commitment to identifying and managing high value assets, which is critical to corporate agility, operations, resilience, and cyber defense.

Watch: Defending the next wave of cyberattacks

William Beer, EY Cybersecurity Principal, discusses trends and themes around recent cyberattacks, in this BBC interview.

How do you become a disruptor before you become disrupted?

“EY is among the market leaders in Information Security Consulting Services who demonstrated tenacious client focus, deep technical expertise, wide breadth of services, and substantial global reach.” — The Forrester Wave

Contact us

Cybersecurity Leaders

At EY, we understand the importance and complexities of cyber threats and information security in financial services. It's how we connect the right people and knowledge, creating teams that can keep clients ahead of market changes, through our insights, analysis and innovations.

EY - Sundeep Nehra
Sundeep Nehra
FS Cybersecurity Leader
United States
+1 212 773 3888
Steve Holt
Steve Holt
FS Cybersecurity Leader
United Kingdom
+44 20 7951 7874
Jeremy Pizzala
Jeremy Pizzala
Asia-Pacific and Global
FS Cybersecurity Leader
Hong Kong
+852 28469085
EY - Dave Burg
Dave Burg
Americas Advisory
Cybersecurity Leader
United States
+1 571 633 3628