Canadian Banks Collaborate to Combat Cyber Risks
As Canadian banks look to innovate and incorporate emerging technologies into their business models, they must also continue to invest in enhancing their cybersecurity models to balance risks and opportunities. This is according to PwC Canada's Canadian Banks report which provides insights on how the innovation journey needs to contemplate cybersecurity and risk management.
Cyber risks and data breaches are becoming more common and are now a top concern for the banking sector as 52% of executives in the Canadian financial services sector believe that cybercrime is likely to be the most disruptive economic crime of the next 24 months. Despite the heightened awareness of cyber risks, banks still face some challenges in building their cybersecurity strategies due to increasingly sophisticated adversaries, rapidly evolving technologies, and multiple regulatory requirements. They recognize this and are revisiting their security architecture to augment traditional controls with more layered and advanced controls. The focus is on protecting the new digital perimeter - data, identity and endpoints.
"Managing cyber risk is top of mind for all Canadian banks and they are working together, developing strong cybersecurity strategies and sharing leading practices and industry trends," says Diane Kazarian, National Financial Services Leader at PwC Canada. "Creating an integrated approach to manage cyber risk solidifies Canada as leaders in this sector."
Cyber risk is driving the sector's executives (93%) to invest in stronger investments in cybersecurity strategies. As banks look to strengthen their cybersecurity strategies, there are three lenses (external, internal and regulatory) they need to take into account:
• Greater awareness of what's happening external to their organization as it relates to cybersecurity, including new technologies and changes in the geopolitical landscape.
• Consider internal factors acquisitions, new digital services and organizational restructure could impact their cyber risk profile.
• Understand the expectations and requirements of regulators, especially banks operating in multiple jurisdictions.
"Building trust between banks and customers is at the centre of building a lasting cybersecurity strategy," says Jason Boggs, National Financial Services Consulting Leader at PwC Canada. "Working with every level within the organization is key to manage cyber risk and safeguard a strong reputation."
Collaboration extends into bank-fintech relationships to undertake cybersecurity assessments of joint initiatives, making sure cyber risks are understood and mitigated. Fintechs understand the technical portion while banks know their customers and regulations. The marriage of both core competencies can lead to an exciting future but presents risks as well.
"In order to execute on innovation while maintaining trust in the digital economy, banks need to pursue two parallel strategies - cyber risk agility and resiliency. Cyber risk agility to build a flexible cyber risk framework that can anticipate and prepare for innovations that bring longer-term success. Cyber risk resiliency to withstand potential cyber risk events from these innovations and keep the business moving toward its goal." says Sajith Nair, Partner, Cybersecurity & Privacy.
With increased pressure from regulators to have sound cybersecurity strategies, banks are turning to engage new digitally-savvy talent. According to the report, investing in such talent is key to sustaining a long term strategy and achieving and maintaining the highest levels of security that customers and stakeholders expect of the sector.