Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementTechnologies & SolutionsSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity NewsBanking/Finance/Insurance

The Building of a Cyber Resilient Financial Services Sector

By Jason Harrell
financial- enews
May 7, 2020

As we enter the new decade, we stand reminded that technological innovation and cybersecurity threats continue to develop and evolve at an incredible pace. Firms must therefore continue to build the proper defenses to protect consumer confidential data and financial market integrity. Cyber threats have become one of the top threats to the financial services sector and the ability of firms to be resilient in the face of these threats is paramount. 

But where exactly does the industry currently stand in regard to the resources dedicated to cybersecurity safeguards and resilience activities? A study led by Gartner, one of the world’s leading research and advisory firms, reported that worldwide spending on information security products and services in 2017 tallied USD 101 billion and predicted that figure would increase to USD 124 billion heading into this year.

At the same time, new technology solutions such as cloud computing, distributed ledger technology (DLT), and artificial intelligence (AI), continue to transform the way the financial services sector operates. We must understand the different risks that new technologies can introduce and how the assessments of these risks require a keen understanding of the technology and the risks inherent with how the technology is implemented. The DTCC white paper, Security Of DLT Networks, provides examples of risks that should be considered when using this emerging technology. As firms continue to innovate, they also need to consider and address the risks that come with technology’s use.

 

The Impacts of the Changing Threat Landscape

The DTCC Systemic Risk Barometer Survey, first launched in 2013, serves as a semi-annual reflection on existing and emerging risks that have the potential to impact the safety, resiliency and stability of the global financial system. The latest edition found that 63% of survey respondents ranked cybersecurity threats within the top five risks to the global financial industry while 22% cited it as the top risk. With this in mind, it is clear that the industry continues to see cybersecurity threats as one of the most pressing concerns. 

Financial firms are not alone in understanding cybersecurity threats; global policymakers have also taken note. The Financial Stability Board, an international standards-setting body that makes recommendations on the global financial system, issued a 2017 report that found that 72% of its jurisdictions were planning to provide additional cybersecurity guidance within the year. It is clear that an attack on one or more institutions can have a domino effect across the financial sector, therefore policymakers and regulators are working to provide principles and guidance to promote best practices to manage these risks. However, protecting institutions is not enough. As firms continue to build resilience into their own operations, cyber threat actors shift and focus their efforts on third- and fourth-party vendors as a means to gain access to financial data.  As a result, the financial services sector, supervisors, and standards-setting bodies must continue to be vigilant in addressing these risks and promoting third-party resilience.

 

Course of Action

There are several strategies that firms can take to mitigate cybersecurity risk. Although these preventative actions can help minimize many threats, it is of utmost importance for firms to know how to respond and recover from a cyberattack when it does strike. Firms should understand and identify single points of failure in the business services provided by the organization. From there, firms can do the following:

  1. Develop recovery strategies that will allow for the full or partial recovery of the organization’s business services. Next, it is important to
  2. Understand the controls that are or will be in place to mitigate risks to the organization’s business services. And finally, firms must
  3. Test these controls and the associated recovery strategies through tabletop exercises and systems testing to address any gaps and ensure preparedness.

By conducting these tasks, financial institutions will be better positioned to understand their operational risks and can develop responses that decrease the operational friction when an attack occurs.

 

Looking Ahead

Firms must continue to evolve their cybersecurity and cyber resilience practices while considering their individual firm and their potential impact on the financial ecosystem. Firms must balance their resources between innovation- and revenue-generating channels and those used to respond and recover from malicious cyber activity. Firms must also understand the risk and resilience capabilities of its third- and fourth-party vendors and the potential impact these organizations may have on an organization’s services. Lastly, firms must engage with other sector participants to provide and develop sector-wide solutions and responses in the face of an attack against the industry. As we continue to place a priority on these areas, we will continue to boost the industry’s ability to protect against attacks and recover quickly, should one occur.

 

This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security Magazine. Subscribe here.
KEYWORDS: cyber security financial sector information security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Jason harrell

Jason Harrell is Executive Director and Head of Business and Government Cybersecurity Partnerships for DTCC, an American post-trade financial services company providing clearing and settlement services to the financial markets. 

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Top Cybersecurity Leaders
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Columns
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Broken wet floor sign

Why Response Time Is Becoming the Missing Metric in Workplace Safety and Security

Paparazzi

When Private Events Become Public Infrastructure: What Celebrity OSINT Teaches Security Leaders

Cyber Tactics

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Medical professional

Nearly 85% of Nurses Experienced Workplace Violence in the Last Year

Kaseware sponsored webinar
Schneider Electric sponsored webinar

Events

August 25, 2026

Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

LIVE: August 25, 2026 at 2 PM EDT Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.

August 27, 2026

Leveraging AI & Mobility to Advance Your Security Domain

LIVE: August 27, 2026 at 2 PM EDT Explore how AI-driven cloud security solutions can elevate your security domain enhancing threat detection, streamlining operations, and delivering the resilience modern organizations demand.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • financial

    Six cybersecurity threats the financial services sector faces

    See More
  • Credit card and padlock

    Financial services sector is facing data risks from personal apps

    See More
  • cyber5-900px.jpg

    New Report Examines the Creation of a Cyber Criminal

    See More

Related Products

See More Products
  • Physical Security and Safety: A Field Guide for the Practitioner

  • 1119490936.jpg

    Solving Cyber Risk: Protecting Your Company and Society

  • 9780367339456.jpg.jpg.jpg

    Cyber Strategy: Risk-Driven Security and Resiliency

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing