We are entering an era of extreme digital risk, with cyber-crime on the rise and financial institutions prime targets for criminals. For these institutions, developing an innate understanding of where and how they could encounter cyber risk in this environment is now of primary importance. At the same time, security teams must continuously strive to fulfill their fiduciary and regulatory responsibilities while meeting rising expectations for consumer privacy and innovative business solutions. Collaborative has a long history of providing IT leadership in the financial markets.
The financial services industry experiences 35 percent of all data breaches, according to Forbes, earning it the dubious distinction of “most-breached sector” of all.
Key trends to watch:
Drawing from the U.S. National Institute of Standards and Technology, Deloitte divides financial institutions into four levels of cybersecurity maturity. Organizations with “partial” maturity rank at the bottom, while “adaptive” institutions rank at the top.
Partial: At these organizations, cybersecurity risk management practices are not formalized, and risk is managed in an ad hoc (and sometimes reactive) manner.
Informed: At this maturity level, management has approved risk management practices, but these practices may not be established as policy across the organization.
Repeatable: Here, an organization’s risk management practices are formally approved and expressed as policy.
Adaptive: At this highest maturity level, organizations adapt cybersecurity practices “based on lessons learned and predictive indicators derived from previous and current cybersecurity activities.”