How are financial services institutions tackling operational resilience in an evolving threat and regulatory landscape?


FStech and Pure Storage are conducting a survey of financial services providers to assess how they are approaching their operational resilience strategy.


Questions
1. Which of the following is currently your organisation’s biggest operational resilience challenge? [select one option]
Cybersecurity
Third-party risk
Fraud
Business systems disruption / failure
Complex regulatory changes
2. What are currently your organisation’s top barriers to rolling out a successful operational resilience strategy? [select top three]
Data quality / access to data
Lack of education / knowledge
Leadership buy-in
Vendor lock-in (cloud)
Legacy technology
Manual processes / human error
Budget / funding
Complex regulatory changes
Ever-changing threat landscape
3. Which of the following data challenges are creating a barrier to successful operational resilience strategy and meeting regulatory compliance? [select all that apply]
Legacy technology
Manual data processing
Inadequate data storage
Data silos
Poor data quality
Lack of data sharing
Lack of data integration
Incomplete data sets
4. How has the changing cyber threat landscape over the past few years impacted how your organisation manages and protects its data? [select all that apply]
We have rolled out security awareness training
We have spread our data across geographies
Data security has become more of a priority
We have strengthened data resilience with multi-layered architecture
We have implemented new data storage solutions
We have modernised the data protection environment i.e. back up and recovery, business continuity, ransomware mitigation
We have implemented a security and incident event management platform
We have rolled out more authentication options i.e. two factor authentication, voice, biometrics
We have improved our audit trails
It has not impacted how we manage and protect our data
5. How far advanced is your organisation when it comes to mitigating risk by spreading data across geographies in order to meet upcoming regulations? [select one option]
We have completed our long distance third site data copy strategy, with our data spread across multiple geographies to mitigate risk and meet upcoming regulations
We have made progress on our strategy to spread data across geographies, but we still have some way to go
We are in the early stages of planning a strategy to spread our data across geographies to mitigate risk
We have no plans to spread our data across different geographies
6. As part of upcoming operational resilience regulations, financial services providers are expected to prove to the regulators that they can successfully recover in the event of disruption. How prepared is your organisation for upcoming operational resilience regulations? [select most appropriate answer]?
We are totally prepared for all upcoming operational resilience regulations
We are somewhat prepared for upcoming operational resilience regulations, with some parts of the organisation prepared and others with some way to go
We are in the early stages of preparing for upcoming regulations
We are not at all prepared for upcoming operational resilience regulations
7. To what extent are you concerned that upcoming operational resilience regulations are driving complexity within your organisation? [select most appropriate answer]
Very concerned
Somewhat concerned
Not at all concerned
8. What are your top priorities when it comes to meeting operational resilience regulations over the next 12 months? [select top three]
Modernising the data protection environment
Implementing a security and incident event management platform
Enabling cyber protection features
Increasing knowledge by attending more events
Implementing more training
Rolling out a multi-layered data architecture
Improving data storage quality
Implementing an ICT risk management framework
Running scenario testing
Mitigating risk by spreading data across geographies
9. On the day of a cyber-attack, how prepared is your company to successfully mitigate the impact across your organisation and its customers? [select one option]
We run regular scenario testing and have tackled real incidents in the past which means we are totally prepared to mitigate the impact of a cyber-attack
We are somewhat prepared to mitigate the impact of a cyber-attack but we still have some way to go to ensure the best outcomes
We are not yet prepared to successfully mitigate the impacts of a cyber-attack but we are in the early stages of planning a strategy to enable the organisation to do so
We are not at all prepared to mitigate the impacts of a cyber-attack
10. What is your organisation’s main source of support when planning or preparing for upcoming operational resilience regulation? [select one option]
Internal guidance
Vendors
External network i.e. events, conferences, webinars
Partners
Membership bodies / industry associations
Regulators
Engaging with peers / other financial institutions
Please complete your details below.

Data Use:
By ticking this box you are agreeing to provide FStech (and its publisher PPL) with your contact details. These details may be used by the publisher to distribute email news, provide information and updates. This information will not be provided to third parties (except the sponsor of this particular survey Pure Storage). Please note that all data is stored on EU-based storage systems, and that all PPL electronic communications have an unsubscribe function. In addition by checking this box, I authorise Pure Storage, Inc. and its affiliates ("Pure") and its authorised partners to use my personal data in order to receive information and updates regarding Pure products, services, surveys and events. The information you provide us will be used in accordance with the terms of the Pure Storage Privacy Notice.
© 2019 Perspective Publishing     Privacy & Cookies