The impact of cybersecurity risks on financial services
The financial sector faces highly unique challenges when it comes to building resilience against cybersecurity risks. Not only do financial institutions need to combat cyber threats such as web application attacks; bad bots; ransomware; and phishing attacks – they must also consider how to maintain uptime before, during, and after these kinds of breaches in order to provide seamless service to customers and maintain compliance with regulators.
The Cost of Cybersecurity Risks
According to Gartner, “the average cost of IT downtime is $5,600 per minute. Because there are so many differences in how businesses operate, downtime, at the low end, can be as much as $140,000 per hour.” While this is a jaw-dropping statistic, for financial institutions perhaps the even greater fear comes in lost business costs.
IBM’s 2020 Cost of a Data Breach Report found, “Lost business costs accounted for nearly 40% of the average total cost of a data breach, increasing from $1.42 million in the 2019 study to $1.52 million in the 2020 study. Lost business costs included increased customer turnover, lost revenue due to system downtime, and the increasing cost of acquiring new business due to diminished reputation.”
Additionally, the FFIEC (Federal Financial Institutions Examination Council) has enhanced their mandates for operational resilience, business continuity, and crisis management for the financial sector. Rising regulation and compliance expectations from regulators demonstrate the need for automation to be used across operational risk areas to gain efficiencies of process, knowledge, and impact assessment.
Regulators are focused on the impacts of operational outages and the effect they can have across the industry. Regulation outlines response benchmarks, detailed tracking, audit logs and evidence of executive oversights.
For financial services to be successful in this age of increased regulatory requirements and complex digital threats, cyber resilience is no longer just about remediating the attack itself – it is about maintaining a reputable and trustworthy brand and product for the customer.
Organizations must prioritize building a resilient operation, so, when any disruption occurs, whether from a cyberattack or otherwise, the impact is as minimal as possible and does not affect the customer experience or result in major non-compliance fines.
Furthermore, unforeseen events like the COVID-19 pandemic served as a potent reminder to companies everywhere of the critical importance of operating, modernizing, and ultimately investing in core technology to create positive returns.
It is through digital transformation, or a commitment to automation, that a financial institution can build maximum operational resilience, enhance customer experience, and realize positive returns on technology investment.
The Domino Effect of Disruptions
According to a June 2020 Federal Reserve Bank of New York study, there is a cascading ‘negative’ impact when a large financial firm experiences a digital disruption – this was a pre-mortem analysis to uncover ways that attacks may be amplified into a disaster.
The final analysis found a cybersecurity related risk would likely result in direct costs to the affected bank and spillovers to counterparties within the financial sector and to the real economy. For financial institutions, becoming cyber resilient is more than shielding against a single negative disruption. Cyber resilience means active prevention against the negative domino effect a single disruption can set off.
As so much of the financial sector’s success is rooted in the customer’s trust, falling victim to a chain of events whose impact can affect the whole of the economy puts financial institutions at a very high risk of lost business. It pays to be prepared.
Deloitte stated, “Operational resilience costs, but a lack of resilience costs a lot more.” Research indicates that on average, investing 1 USD in resilience early helps avoid on average 5 USD in future losses – a very clear case for investing up front, rather than spending money only after an event to rectify incurred losses and financial disrepair. It is clear that as the financial sector moves into the future of digital operations, optimal resiliency must be achieved through digital transformation.
Operational Resilience through Digital Transformation
Innovations in incident management, including greater automation, more extensive integration, data/event-level visibility, and advances in ease-of-use, will enable the healthy infrastructure on which uninterrupted customer experiences depend.
Everbridge CEM for Digital can help financial services establish and maintain an ‘Operational Resiliency ROI’ by minimizing business downtime and accelerate incident resolution through automating communications, collaboration, and orchestration.
CEM for Digital streamlines incident response to accelerate resolution across IT Ops, Service Ops, Sec Ops, DevOps, and IT BC/DR.
Everbridge can help financial services expand the reach of incident management workflows that help resolve issues at the pace of innovation. It will also equip any employee across the organization with the information and resources they need to support digital transformation and deliver uninterrupted customer experiences.
If you would like to learn more, download The Value of Digital Transformation in Financial Institutions: Achieving an ‘Operational Resiliency ROI’.