October 23, 2014 - In the wake of several recent high-profile cyber attacks on major sectors of the global economy, cyber security now ranks as the principal concern of the financial services industry, according to results of a new survey released today by The Depository Trust & Clearing Corporation (DTCC).
A record 84% of respondents in DTCC’s Systemic Risk Barometer identified cyber-risk as one of their top five concerns - an increase of 25 points since the last survey was conducted in March 2014. Furthermore, 33% ranked cyber-attacks as the number one systemic risk to the broader economy, up from 24% from March 2014.
To bring greater industry focus to this issue, DTCC today released a comprehensive white paper, Cyber-Risk: A Global Systemic Threat, which identifies greater information sharing and closer collaboration between the public and private sectors as among the strongest defenses to combat cyber-crimes. The paper finds that despite progress in this area in recent years, information sharing remains insufficiently coordinated.
Fostering Discussion on Cyber-Threats
“Building information partnerships among key stakeholders is critical to developing the most comprehensive and effective tools for promoting cyber-security across the financial system and in our critical infrastructures,” said Michael Leibrock, DTCC Chief Systemic Risk Officer. “The best way to achieve these alliances is through a truly coordinated and open approach across industries and national borders. With concerns about the potential wide-spread impact of cyber-threats growing rapidly given the recent high-profile cyber attacks, our white paper provides a solid platform for greater discussion around this very real risk.”
The white paper provides global policy makers and the financial community with a number of recommendations to strengthen resiliency from cyber-risks. As a top priority, the paper calls for the creation of global industry working groups to engage with relevant national regulators on the development of cyber-security regulations that address the real-time and evolving nature of cyber-threats. In addition, the paper cites the need for those charged with developing strategies for cyber-security to shift the focus of programs from “check the box” security to actively hunting threats.
“No institution - large or small, public or private - is immune to a potential cyber-attack,” said Mark Clancy, DTCC Corporate Information Security Officer and CEO of Soltra. “All of us need to become agile in response to these rapidly evolving threats by being able to share information about attackers’ activities between multiple stakeholders and shifting the model from individual institution’s static defenses to dynamic community responses. This shift requires both the maturation of operational capabilities and public policy frameworks to be successful.”
Other topics covered in the paper include:
• The need for organizations to develop, execute and enhance institutional cyber-resilience to protect core business functions.
• A global overview of public policy initiatives designed to safeguard critical infrastructure, protect national security and ensure data privacy.
• Recommendations for addressing future cyber-threats drawing on best practices and lessons learned by cyber-defenders.
DTCC Systemic Risk Barometer: Cyber-Security as top risk concern
The DTCC Systemic Risk Barometer is an on-going pulse check survey that monitors emerging trends on significant risks that may impact the safety, resiliency and stability of the global financial system. The Barometer reflects feedback provided by a wide variety of respondents, including DTCC clients, as well as financial industry professionals from regulatory bodies, academia and research organizations worldwide.
In addition to the findings on cyber-risk, the survey’s other key findings include:
• 64% of respondents also cite the impact of new regulation as a top five concern
• 62% of respondents identified geopolitical risk as a top five concern
• 37% of respondents said that the probability of a high-impact event in the global financial system has increased during the past six months - up 16 points since March 2014.
• In line with these results, 76% of all respondents indicated they have increased the amount of resources dedicated to identifying, monitoring and mitigating systemic risks over the past year.