The financial services industry -- one of the most security-savvy and security-forward verticals in the world -- is increasingly getting nervous about cyberattacks.
A new report published today by the Depository Trust & Clearing Corporation (DTCC) for the third quarter of 2014 found that 84% of financial firms ranked cyberrisk as one of their top five concerns, up from 59% in the first quarter of this year. Next in the top five is the impact of new regulations (64%), geopolitical risk (62%), sudden dislocation in financial markets (43%), and disruption/failure of a key market participant (32%).
"No institution -- large or small, public or private -- is immune to a potential cyberattack," said Mark Clancy, DTCC corporate information security officer and CEO of Soltra. "All of us need to become agile in response to these rapidly evolving threats by being able to share information about attackers’ activities between multiple stakeholders and shifting the model from individual institution’s static defenses to dynamic community responses. This shift requires both the maturation of operational capabilities and public policy frameworks to be successful."
The threat is real, given the long shadow of the massive breach at JPMorgan Chase revealed this month. Personally identifiable information (PII) for more than 76 million households and 7 million businesses were affected by the attack on the financial firm.
Close to 40% of financial firms say the probability of a "high-impact event" on the global financial system has intensified the past six months. That's a jump of 16% since the first quarter. Some 76% of firms say that over the past year, they have added more resources to detecting and mitigating "systemic risks."
DTCC also published a whitepaper called Cyber-Risk: A Global Systemic Threat, that calls for more information-sharing among the public and private sectors as a way to fight cybercrime. While there has been some efforts here, the report says, intelligence-sharing is not well-coordinated.
The survey results are available here.