Operations

11/9/2016
03:20 PM
Connect Directly
Twitter
RSS
E-Mail
100%
0%

DTCC Survey: Cyber Threat Ranked #1 Risk To Global Financial System

Despite geopolitical uncertainties, cyber threats are the financial industry's biggest worry, new data shows.

Cyber risk is the top-ranked overall risk to the global financial system, a new study released earlier this week found. 

The Q3 study conducted by The Depository Trust & Clearing Corporation (DTCC), shows 22% of respondents cited cyber risk as the single biggest risk, and 56% of respondents ranked it as a top five risk to the global financial system. Cyber risk was also ranked as the No. 1 risk in a Q1 survey by DTCC. 

Geopolitical risks, including the US presidential election outcome and Britain Exiting the EU (Brexit), also ranked in the  top 5 risks.   

Cybersecurity is not a new phenomenon to the list of concerns for the global financial system, says Michael Leibrock, chief systemic Risk Officer of DTCC. Respondents to previous DTCC surveys have listed cyber risk as a top risk since the launch of the first DTCC financial risks survey in 2013, says Leibrock. 

"Cyber risk has evolved from something that happened on an infrequent basis to happening on a regular basis globally and is impacting the financial services in a real way," Leibrock says.

The potential for cyberattacks to affect internal data as well cause financial and reputational losses may impact the weight of this risk, he notes. "Cyber risk is ever-present and is likely to stay here for the future." 

More eyes are on cybersecurity threats these days as the responsibility for security and risk management is delegated beyond those in traditional IT roles. "We've seen this natural evolution of cyber risk as an IT focused problem become a much broader business issue," says Stephen Scharf, chief security officer of DTCC. 

The study also found that North American financial organzations are more concerned about cybersecurity than the rest of the world: 57% of North American respondents cited it as a top concern, compared to 46% of the rest of the world. 

"It’s hard to know [why North Americans are more concerned with cyber risk than those in other parts of the world] without talking to all of the respondents," Leibrock says. "I just think that it could be a function of the some of the higher-profile incidents having happened in the US to North American companies. The European respondents are much more concerned about Brexit because it’s closer to home."

Dark Reading's all-day virtual event Nov. 15 offers an in-depth look at myths surrounding data defense and how to put business on a more effective security path. 

Regulatory agencies are paying closer attention to cybersecurity, he notes: three weeks ago, the Federal Reserve Board, OCC, and FDIC issued a joint advance notice of proposed rulemaking that proposed a regulatory framework around the security function, specifically how the CISO office and governance must be outside the first layer of defense. But input from multiple agencies can lead to a lack of clarity around process, Scharf warns.

"We've seen a number of new regulatory things come out specifically around cyber, and while we are extremely happy to see the regulatory community focus on cyber, there's not necessarily harmony that exists," Scharf says. "Different entities say this is how you should be doing cyber, but all have different opinions on how this should be done. We're trying to encourage harmonization in guidance so there is consistency."

Related Content:

Emily Johnson is the digital content editor for InformationWeek. Prior to this role, Emily worked within UBM America's technology group as an associate editor on their content marketing team. Emily started her career at UBM in 2011 and spent four and a half years in content ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Diane C.B130
50%
50%
Diane C.B130,
User Rank: Apprentice
6/22/2017 | 2:53:02 PM
Despite geopolitical uncertainties, cyber threats are the financial industry's biggest worry, new data shows.
Thanks for your details shearing. I am in dangerous Despite geopolitical uncertainties, cyber threats are the financial industry's biggest worry, new data shows.. I followed so many tips. The study also found that North American financial organzations are more concerned about cybersecurity than the rest of the world: 57% of North American respondents cited it as a top concern, compared to 46% of the rest of the world. 
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
The Fundamental Flaw in Security Awareness Programs
Ira Winkler, CISSP, President, Secure Mentem,  7/19/2018
Number of Retailers Impacted by Breaches Doubles
Ericka Chickowski, Contributing Writer, Dark Reading,  7/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The State of IT and Cybersecurity
The State of IT and Cybersecurity
IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1503
PUBLISHED: 2018-07-23
IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely authenticated attacker to to send invalid or malformed headers that could cause messages to no longer be transmitted via the affected channel. IBM X-Force ID: 141339.
CVE-2018-1513
PUBLISHED: 2018-07-23
IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IB...
CVE-2018-6677
PUBLISHED: 2018-07-23
Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors.
CVE-2018-6678
PUBLISHED: 2018-07-23
Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors.
CVE-2018-14512
PUBLISHED: 2018-07-23
An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the form[nickname] parameter to the index.php?m=core&f=set&v=sendmail URI. When the administrator accesses the "system settings - mail ...