According to more than 250 of the world’s largest participants in financial markets – the owners and clients of DTCC, such as big custodian banks – cyber security is the number-one risk to financial markets.
In its latest six-monthly survey of clients, DTCC (the industry-owned Depository Trust & Clearing Corporation) reports that almost half (46 per cent) cite cyber security as the top threat, which is up from just 24 per cent one year ago. Eighty per cent put it in the top five for risk overall. See a summary of the report. The survey was conducted in the first quarter of this year.
DTCC says that security incidents continue to rise across the financial markets and other key industry sectors, with specific respondent feedback citing the growth in the “frequency and sophistication of cyber attacks”.
As a result, many market participants have increased their investment in technology to detect and prevent cyber threats, with the goal of ensuring “uninterrupted access to (threat) data.” At the same time, firms have increased hiring for cyber security roles and have provided greater training and educational opportunities across their organizations.
Mark Clancy, managing director, CISO Technology Risk Management, DTCC, and chief executive of Soltra, said: “Cyber security threats continue to grow each and every day, as attackers become more sophisticated. With cyber security identified as the industry’s top risk, it is critical that we develop and implement solutions that enable the timely sharing of data to prevent incidents as well as to promote faster incident detection and response.”
The call for cyber threat data sharing has been echoed by market participants, regulators and infrastructure providers alike, as firms seek to share information to prevent and respond to attacks more quickly, DTCC said. Most recently, the US House and Senate took proactive steps to confront the cyber security challenge and are working towards enactment of legislation to improve information sharing to protect critical infrastructure.
In addition to cyber security, respondents cited geo-political risk, local market policies, the impact of new regulations, and a global economic slowdown as additional areas of systemic risk. In fact, 73 per cent of respondents indicated they have increased the amount of resources dedicated to identify, monitor and mitigate systemic risk, a continued trend.