Deloitte Insights

Taking cyber risk management to the next level

Lessons learned from the front lines at financial institutions

In today’s world, banks, investment companies, and insurers are prime targets for cybercriminals looking to steal money or information, disrupt operations, destroy critical infrastructure, or otherwise compromise data-rich financial services institutions (FSIs).

This paper presents findings from research and interviews on the subject, organized under headers such as:

  • Money is no object: An embarrassment of riches for cyber risk management
  • CISOs stuck between a rock and a hard place while juggling multiple priorities
  • CISOs striving to innovate while struggling with new tech tools and organizational transformation
  • Cybersecurity starving for “triple-threat” talent 
  • Risk metrics remain a Tower of Babel as reporting responsibilities overwhelm CISOs
  • CISOs need help connecting the dots with intelligence sharing and analytics
  • Looking ahead: No rest for the weary in cyber risk management

“The reality is, cybersecurity risk management is an ongoing journey, never a destination.” Therefore, CISOs will need to be continuously on guard and innovative to keep up, let alone stay ahead of the bad guys trying to break into their systems 24/7. Whereas FSIs may have covered most of the bases in terms of raising awareness of cyber risks, the next frontier is to influence actual behaviour. Are stakeholders acting on their awareness, or merely “checking the box” when alerted about potential cyber vulnerabilities?
