Opinion & Analysis

Cybersecurity in Finance: Getting the policy mix right!

With the inexorable rise of e-commerce comes the inexorable rise of the e-criminal.

Cybercrime is now the world’s fastest growing crime. It has leapt to number two of the top ten business risks worldwide, from not even appearing in that list five years ago. For certain countries, cyberattack is now the risk of greatest concern. Gone are the days of concern about a low level hack of a website by a script kiddie. Today’s attackers are multi-faceted and increasing in sophistication, ranging from advanced persistent threats, corporate espionage, organised crime and ‘hactivists’ to cyberterrorists, ever more competent, and ever better funded. Cybersecurity has moved from being a technical issue to a political and boardroom issue. Financial markets are particularly important as they oil the wheels of all member state economies.

So what should the priorities of cybersecurity be? Is the rise of cybercrime so fast and extensive that we should be changing the focus more to one of cyber resilience? There are three core themes to address:

1. Governance (at all of organisational, international and national levels)

2. Risk Management (both contextually and intelligence driven)

3. Capability (cybersecurity by design and by default, using a standard framework applied to context)

There is a multitude of issues that the financial sector needs to address. Our Task Force has chosen to focus on certain key issues rather than attempt to produce an encyclopaedic tome. Any report can only represent a snapshot in time and it will be particularly important to continue to communicate as technology and the threat advances. I hope that the work that our Task Force has undertaken in producing this report will make a valuable contribution to the advancement of cybersecurity policy and protection and safeguarding of the economies of the EU member states and the financial markets on which they depend.

Read the full report here