Cybersecurity | An opportunity for financial services organisations

Following the implementation of stricter European data protection regulations earlier this year, cybersecurity is at the top of the agenda of most businesses providing services, particularly in the context of protecting customer data. Under the General Data Protection Regulation (GDPR), if organisations suffer a data breach, they could now face fines of up to €20 million or four per cent of their annual global turnover, whichever is highest. There is also a heightened threat to all business due to the potential reputational damage data breaches may cause, as we have seen with the example of BA. As such, more businesses are looking to bolster their defences to remain compliant and avoid unnecessary fines and crippling effects of damages to their reputation.

Thus, it should come as no surprise that regulators globally have already been focusing on the importance of strong cyber defences. For example, in addition to GDPR, in the UK, the Financial Conduct Authority (FCA) has listed cybersecurity as a crucial part of its regulatory compliance agenda and provides specific guidelines for organisations on the disclosure of incidents. Similarly, the Monetary Authority of Singapore (MAS) places cybersecurity as a priority, since establishing an international advisory panel. The board, which includes its first chief cybersecurity officer in efforts to drive regulatory standards of compliance for the financial services market.


With cybersecurity at the forefront of the agenda of the financial markets regulators, many companies are asking if they can sleep easy at night as the adoption of cloud-based infrastructure grows rapidly to enable business growth. Are these moves from regulatory authorities impacting the pace of technological advancements in the industry and hindering business?

The increased emphasis on cybersecurity from financial services regulators is primarily driven by concerns around the continued health of the global financial markets. Regulatory intervention on such matters is often initially perceived as “additional burden,” “over-regulation,” or an “unwelcome distraction” from generating revenue. However, since many parts of the financial services market fail to drive change in how they manage systemic risks without regulatory intervention, such top-level intervention should be welcomed. Indeed, the whole ecosystem will be better protected and market participants can have the chance to collaborate on how the industry mitigates risk as a whole.

The need for a cultural shift

A cultural shift is required, however, when it comes to issuing management in the financial services. Organisations should encourage a movement away from brushing issues under the carpet and move towards a culture of proactive disclosure and day-to-day issue management.

As cyber threats advance, financial firms need to see this as an opportunity to develop processes and protections, regardless of legislation or pressure from regulators. With consumers holding organisations to a higher standard than ever before, firms are under growing pressure to stay ahead of the curve and be transparent, making appropriate adjustments early enough to protect their business and, ultimately, their customers. In fact, making changes in advance of regulators could earn the trust of new customers by showing stability, forward-thinking and corporate social responsibility.

To be proactive in applying best industry practices across the market, organisations should focus on managing an effective transition to cloud technology. Indeed, it would be wise for financial market participants to assess the following questions about their organisations:

+ posts

Meet Stella


Related articles

The value of colocation data centres in IoT

IoT data processing is increasingly being pushed out to the network edge to get as close as possible to the source sensors and end-users of the resulting data analytics

Strategy and anticipation are key to securing against cyber threats

With technological progress comes increased security risks. Sophisticated and co-ordinated cyber groups are working every day to find potential entry points into organisations’ networks.

Raising talent attraction and retention with IT investment

To be at the centre of talent attraction and retention, businesses should make use of workplace technology that enables them to integrate collaborative, secure and sustainable measures into their operations.

How NIST started the countdown on the long journey to quantum safety

Leading the charge to develop a post-quantum cryptographic standard for organisations is the US government’s National Institute of Standards and Technology (NIST).

Overcoming economic uncertainty with cloud flexibility

Particularly for companies that jumped into the cloud headfirst, taking the time to optimise existing processes is a remarkable way to reduce infrastructure costs and free up OPEX for delivering business value.

Subscribe to our Newsletter