Latest News

Why financial services leaders must reframe their perception of cybersecurity

By Lewis Duke, SecOps Risk & Threat Intelligence Lead, Trend Micro.

Every person perceives the world in a unique way. Yet when it comes to cybersecurity, global financial services (FS) executives seem to gravitate towards a similar, rather negative view. New research reveals that 43% of global FS business leaders see security more as a barrier than an enabler. This matters, because if negative perceptions persist, security investment is likely to remain piecemeal and reactive. That could expose FS firms to excessive business risk and even derail important transformation programmes.

To move beyond this, to a more constructive relationship between business and IT/security leaders, both sides will need to change.

Perception and reality

These are tough times to be a FS player. Rising interest rates have made borrowing eye-wateringly expensive, while inflation continues to hit consumers and businesses hard. After two years of pandemic-era uncertainty, we now have a period of economic softening underpinned by geopolitical volatility, of a sort many of us had hoped was a thing of the past. In this context, FS businesses should be looking for any opportunity to drive employee productivity, win new business and optimise operations.



Cybersecurity plays a critical role in all of these aspects, and more. In fact, most FS business leaders acknowledge this. Take new business. Over three-quarters (77%) of FS execs say prospects and suppliers have been asking about their security credentials with growing frequency. Most are worrying about their ability to keep up with these demands as a result. And 85% think their security posture could impact their ability to win new business. A quarter say it already has.

Yet at the same time just 62% even see a strong connection between security and client acquisition. Granted, this is over half of respondents. But why isn’t the figure even higher, given the number concerned about their future growth prospects?

In a similar way, most FS execs understand that the ability to work from home will be critical to recruiting the brightest and best talent. And half have seen how security policies can cause friction in this remote working experience. A quarter have experienced a breach which impacted employees, for example. So why is it that less than half of business leaders see the link between security and employee retention/talent attraction? If bad security can negatively impact the employee experience, surely better thought-out policies and enforcement can do the opposite?

Finally, take data analytics. The vast majority (94%) of FS business leaders agree data-driven insight could unlock cost savings – higher than the figure for any other sector. Two-thirds (65%) complain that current security policies are creating information silos which are a barrier to these efforts. Yet only 58% see a link between security and data insights – even though unified security platforms and better policy could break down data silos. Similarly low numbers link security to driving new revenue streams, profitability and innovation – all FS business priorities that data-driven insight can help to achieve.

Who needs to change?

Some of these perceptions are certainly grounded in reality. Poor policy and security point solutions do tend to create information silos. They can negatively impact the employee experience and fail to reassure potential new customers. But it’s perplexing that so many business leaders in financial services don’t get that security can also be a force for positive business growth – helping to win new customers, secure and unlock data insight, and improve employee satisfaction.

There’s a challenge here on both sides of the divide. CISOs need to change their language to that of business risk, in order to engage the board and improve awareness. But business leaders must also recognise the potential in cyber as a growth enabler, and lead from the front by taking greater accountability for initiatives. With a unified, platform-based approach to security and updated policies fit for the new hybrid workplace, cyber teams can break information silos, and uncover and mitigate risk across the enterprise. Currently only 67% of business leaders believe they have good visibility into their attack surface. Even this may be an over-estimate, given the speed with which these environments are growing due to digital investments.

The bottom line is that around half of FS business leaders view cybersecurity as a necessary cost but not a revenue contributor. A similar share believes its role is limited to threat prevention. In reality, cybersecurity is far more important than this. It provides the foundations on which successful digital transformation can be built, while minimising the impact and volume of financially and reputationally damaging incidents. Organisations that realise this usually lead their respective industries.

So it’s not enough that 60% of FS firms plan to increase security investment this year. Where and how that money is spent will ultimately define their success.


Share Story:

Recent Stories

Russia calls for global economic integration despite sanctions

Mastercard launches programme for FinTech start-ups

AI in financial services poses ‘significant risks’ warns US Treasury secretary


Safeguarding economies: DNFBPs' role in AML and CTF compliance explained
Join FStech editor Jonathan Easton, NICE Actimize's Adam McLaughlin and Graham Mackenzie of the Law Society of Scotland as they look at the role Designated Non-Financial Businesses and Professions (DNFBPs) play in the financial sector, and the challenges they face in complying with anti-money laundering and counter-terrorist financing regulations.

BANNER

Ransomware and beyond: Enhancing cyber threat awareness in the financial sector
Join FStech editor Jonathan Easton and Proofpoint cybersecurity strategist Matt Cooke as they discuss the findings of the State of the Phish 2023 report, diving into key topics such as awareness of cyber threats, the sophisticated techniques being used by criminals to target the financial sector, and how financial institutions can take a proactive approach to educating both their employees and their customers.

Click here to read the 2023 State of the Phish report from Proofpoint.

Cracking down on fraud
In this webinar a panel of expert speakers explored the ways in which high-volume PSPs and FinTechs are preventing fraud while providing a seamless customer experience.

Future of Planning, Budgeting, Forecasting, and Reporting
Sage Intacct is excited to present FSN The Modern Finance Forum’s “Future of Planning, Budgeting, Forecasting, and Reporting Global Survey 2022” results. With participation from 450 companies around the globe, the survey results highlight how organisations are developing their core financial processes by 2030.

© 2019 Perspective Publishing     Privacy & Cookies