Cybersecurity
People often ask banking firms what keeps them up at night - and cybersecurity increasingly tops the list.
Banks handle some of the most sensitive information, from account and credit-card data to personal identification. With the financial health of both individuals and businesses on the line, cybersecurity is essential for banking institutions. Unfortunately, it's also under attack more than ever before.
Banks are prime targets of cyberthreats. These threats have dramatically changed how we should think about information security, for the following reasons:
- Financial institutions rely increasingly on systems and data being interconnected
- Attackers are often highly skilled and elusive
- Cyberattacks are scalable and becoming easier to carry out
Cyber-related incidents represent a growing threat to the reputation and economic stability of financial institutions. The initial question is no longer "if", but "when" a cyberattack will occur. And then, the question is "much" it will cost the bank (both directly and indirectly).
Cyber threats
What to consider
- Integrate cybersecurity
- Find the regulatory balance in the guidance
- Establish an independent second line of defence
- Anticipate risks from third parties
- Speed up innovation by focusing on cybersecurity up front
- Invest in people
Integrate cybersecurity
You will improve your ability to ward off threats by combining analytics from pooled data, strengthening your risk-management environment, and implementing controls more effectively.
Find the regulatory balance in the guidance
Focus first on building a robust, risk-based cybersecurity programme. This can help you achieve your broad strategic objectives while also complying with regulatory requirements.
Establish an independent second line of defence
Keep your security governance and oversight capabilities separate from cybersecurity design, implementation and operations. Additionally, the most mature institutions should implement a "line 1.5" into their operations.
Anticipate risks from third parties
Recognise the potential for increased risks when outsourcing. Collaborate with third-party vendors to make sure they take the right measures to protect your data.
Speed up innovation by focusing on cybersecurity up front
When designing and developing new digital products and services, you should integrate cybersecurity and privacy in the early stages.
Invest in people
Your people are the first line of defence and will make a huge difference in all situations, both preventing and detecting cyber-risks.
How PwC can help
Our team of cybersecurity experts helps our clients tackle one of the biggest issues facing the banking industry. They help you assess, prevent, detect and resolve cyber-risks.
For more information on how PwC can help with cybersecurity issues, explore our cybersecurity services.
Contact us
Koen Maris
Advisory Partner, Cybersecurity & Privacy Leader, PwC Luxembourg
Tel: +352 49 48 48 2096
