Cyber security is a major hot-button issue in the UK at present, with the government clearly signalling its intent to crack down on the growing online threat by establishing the National Cyber Security Centre in late 2016 – with a long-term cyber security strategy to match.
But the threat is far from just domestic. Businesses across the globe have been putting their heads together to forge new solutions to a problem which only dares to rise as data quickly moves to become an inextricable element of any company’s ‘business as usual.’
Prime minister Theresa May put it well during her speech at the 2018 Munich Security Conference last month, where she argued that as globalisation brings nations closer together than ever before, we “face a host of new and growing threats that seek to undermine those rules and values.”
“As internal and external security become more and more entwined – with hostile networks no longer only rooted in state-based aggression and weapons designed not just to be deployed on the battlefield but through cyberspace – so our ability to keep our people safe depends ever more on working together,” she told delegates, who hailed from more than 70 countries.
“For our part, the United Kingdom has always understood that our security and prosperity is bound to global security and prosperity. We are a global nation – enriching global prosperity through centuries of trade, through the talents of our people and by exchanging learning and culture with partners across the world.”
To demonstrate the importance of cyber security on a global stage, the World Economic Forum (WEF) this week decided to convene a consortium of worldwide experts to develop cyber security assessments for financial technology companies (fintechs) and data aggregators. The main push behind this was the new and stark revelation that cyber threats represent the top risk to the financial services industry.
The consortium’s founding members include Citigroup, Zurich Insurance Group, Kabbage, HPE and DTCC, all of which will work together to create a framework to assess cyber security in the vulnerable fintech sector.
Ted Moynihan, managing partner of financial services at the UK’s Oliver Wyman Group, a knowledge partner for the WEF’s work on the global financial system, commented: “Financial services firms face specific challenges in managing cyber-risk – from technology and talent to regulations and effective collaboration – that cannot be fully addressed by a single institution.”
Michael C. Bodson, president and CEO of DTCC, added that it is “critically important that we work together to share insights and drive best practice,” and promised that the new initiative will further strengthen cyber resilience and foster greater collaboration with colleagues across the public and private sectors.
According to the consortium, cyber breaches recorded by businesses have almost doubled in just five years – and its estimated drain on the economy over the next five comes in at a staggering $8 trillion dollars. Hardly something to brush over.
And there isn’t any easy way out for fintechs, who can only deliver on customer experience pledges if their financial system is able to manage risks adequately. Officials are also “increasingly linking technology companies to their system infrastructure,” voluntarily or otherwise, meaning it is imperative that companies have a reliable and objective cyber security framework in place.
The consortium will start working on these ambitions immediately, in close consultation with the WEF’s new Global Centre for Cybersecurity in Geneva. It is expected to develop common principles for assessments, guidance for implementation, a point-based scoring framework, and guidance on improving an organisation’s score – all of which will draw upon a similar domestic project undertaken last year in the United States.
But for now, companies in need of immediate guidance – especially in light of the incoming General Data Protection Regulation, which will come into force at the end of May – can get in touch with the National Cyber Security Centre, which offers help to small charities up to major conglomerates and has been implementing pioneering programmes as part of its Active Cyber Defence scheme.