Executives at financial services companies are increasingly concerned about risks, but as technology becomes more integrated in managing financials, more executives say that cybersecurity is increasingly becoming the most important type of risk, according to a new Deloitte survey, Global Risk Management Survey, 11th Edition.
When asked which risk types would grow in importance over the next two years, 67% of financial services executives named cybersecurity, according to the report, up from 41% in 2016.
Despite identifying the increased risk from cyber, approximately half of the respondents said their companies are extremely effective or very effective at managing this risk. When looked at in different categories, 58% of respondents said rated their organizations as effective at managing disruptive attacks, 57% for financial losses or fraud, 54% for cybersecurity risks from customers and loss of sensitive data, and 53% for destructive attacks.
When asked about managing risks from nation-state attacks, though, only 37% of financial services executives felt their institutions were effective.
Still, the study reflected a continued growth in cybersecurity risk awareness, with only 31% of respondents saying it is a challenge to “get the businesses to understand their role in cybersecurity risk,” down from 47%.
The concerns are not unwarranted, particularly given the news that more than 24 million banking and financial records were left exposed. Protecting the financial services sector from increasing cybersecurity risks is one reason banks, fintech companies, data aggregators and others have joined a nonprofit by FS-ISAC with the goal of creating and supporting a unified API standard that allows consumers and businesses to share data with greater confidence and control.
“Balancing financial innovation with the critical need for data security is one of the main reasons we created the Financial Data Exchange (FDX),” said Don Cardinal, managing director of FDX. “This is the first time the industry has come together to fund a single standard that secures financial data sharing.”
Source: InfoSecurity Magazine