The risks facing companies in the financial sector have long been evolving beyond damage caused by financial losses, incidences of misconduct, and market volatility. Aon’s 2017 Global Risk Management Survey found that cyber risk is now one of the top three concerns for banks – which is understandable, given the impact has broad sweeping ramifications ranging from privacy and security, to monetary consequences, as well as business and operational continuity. Accordingly, regulatory authorities are demanding that financial services firms demonstrate their ability to minimize disruption from cyber-attacks on consumers, market participants, financial market infrastructure, and the system as a whole.
While larger financial companies have made significant strides in the maturity of their security programs, in an evolving threat landscape, it’s critical that all organizations are set up to continuously optimize cyber risk management. Effectively addressing both the information security and operational resilience implications of cyber risk requires collaboration between multiple departments, but two experts in particular must be in sync: the chief information security officer and the chief risk officer. Companies with little or no communication between these two parties severely hamper their ability to assess and manage their exposure to cyber risk, putting themselves – and their clients – at a distinct disadvantage.
Read the article here