Trust is the foundation of financial services, but maintaining trust has never been more challenging. Cybersecurity threats have moved from attacks on individual institutions to attacks on the financial system at large.
In response, regulators are heavily focused on systemic cyber risk and the contagion across firms and third parties. Regulators also expect financial institutions to enhance privacy protections on behalf of customers, who demand their confidential information be well protected across an expanding range of digitally accessible products and services. Financial institutions are transforming with new digital channels, automation, and other advanced technologies, introducing real benefits along with new risks.
A new approach to addressing cybersecurity is needed. Viewing cyber risk as an information-technology issue falls short. What is called for is an integrated cybersecurity risk management strategy which involves the resources and activities of the entire organization.