People often ask banking firms what keeps them up at night - and cybersecurity increasingly tops the list.

Banks handle some of the most sensitive information, from account and credit-card data to personal identification. With the financial health of both individuals and businesses on the line, cybersecurity is essential for banking institutions. Unfortunately, it's also under attack more than ever before.

Banks are prime targets of cyberthreats. These threats have dramatically changed how we should think about information security, for the following reasons:

  • Financial institutions rely increasingly on systems and data being interconnected
  • Attackers are often highly skilled and elusive
  • Cyberattacks are scalable and becoming easier to carry out

Cyber-related incidents represent a growing threat to the reputation and economic stability of financial institutions. The initial question is no longer "if", but "when" a cyberattack will occur. And then, the question is "much" it will cost the bank (both directly and indirectly).

Cyber threats

Cyber threats

What to consider

Integrate cybersecurity

You will improve your ability to ward off threats by combining analytics from pooled data, strengthening your risk-management environment, and implementing controls more effectively.

Find the regulatory balance in the guidance

Focus first on building a robust, risk-based cybersecurity programme. This can help you achieve your broad strategic objectives while also complying with regulatory requirements.

Establish an independent second line of defence

Keep your security governance and oversight capabilities separate from cybersecurity design, implementation and operations. Additionally, the most mature institutions should implement a "line 1.5" into their operations.

Anticipate risks from third parties

Recognise the potential for increased risks when outsourcing. Collaborate with third-party vendors to make sure they take the right measures to protect your data.

Speed up innovation by focusing on cybersecurity up front

When designing and developing new digital products and services, you should integrate cybersecurity and privacy in the early stages.

Invest in people

Your people are the first line of defence and will make a huge difference in all situations, both preventing and detecting cyber-risks.

How PwC can help

Our team of cybersecurity experts helps our clients tackle one of the biggest issues facing the banking industry. They help you assess, prevent, detect and resolve cyber-risks.

For more information on how PwC can help with cybersecurity issues, explore our cybersecurity services.

Contact us

Koen Maris

Advisory Partner, Cybersecurity & Privacy Leader, PwC Luxembourg

Tel: +352 49 48 48 2096

Stay Connected: