Dan Schutzer, a senior technology consultant at the Financial Services Roundtable’s BITS technology division, said recent data breaches and waves of distributed denial of service attacks illustrate the “folly” of approaching risk on an individual basis.
Cybercrime has been on the rise in recent years with the growing use of technology and the shift towards electronic transactions. Several retailers, including Michaels and Target, among others, saw their systems breached over the past year by cybercriminals, compromising the data of millions of consumers.
Schutzer said, however, that cyber risks are “not self-contained” within a single organization or industry and managing the risks extends beyond the “aggregation of local technology and procedures” within an individual organization.
“Organizations are exposed to outside risks through increasingly complex, tightly linked and interconnected networks and systems with counterparties, partners, suppliers, vendors and outsourcers,” Schutzer said. “Poorly understood disruptive technologies applied to infrastructure relied on by societies further complicate matters.”
The financial services sector has, in recent years, stepped up efforts to increase to enhance cyber risk management with the development of big data processing systems, the establishment of cyber intelligence initiatives and the implementation of cyber insurance policies.
Schutzer said such solutions will allow various companies across a number of industries to use and compare data to identify solutions that seek to mitigate the growing risk of cybercrime.
“Progress in sharing and collaborating both within the financial sector and with financial sector partners, emergence of more robust cybersecurity insurance coverage and the application of big data and advanced risk analytics to the measurement of cyber security risk management strategy and tactics have the potential to improve cyber risk management,” Schutzer said. “Both industry and policymakers should encourage, nurture and accelerate their deployment and implementation.”