Cyber survey finds 1/3 of financial services firms don’t have “proper” third-party controls

A recent joint survey on cyber resilience by the Institute of International Finance (IIF) and McKinsey found significant concerns regarding third-party security.

The report focuses on four different areas: firm-level cyber resilience, sector-level cyber resilience, costs and full-time-equivalent employees, and next-generation trends. A key theme is around building up cybersecurity controls around supply chains, including third- or fourth-party risks, in areas such as vendor remote-access management, activity monitoring, and concentration risk.

The survey found that size matters: the largest firms have higher cyber resilience scores across functions. Companies with more than $1 trillion in assets had an average resilience score of 3.0 (on a 4-scale), while the companies with asset class under that size had an average score of 2.6. “Cybersecurity resiliency requirements get complex as companies grow beyond a certain scale, so it is important to embed resiliency as part of the growth strategy,” the report noted.

Security around supply chain and vendors, and incident response were reported as the least-mature capabilities. For example, 33% of companies responded that they don’t have proper vendor remote access management, with multi-factor authentication. This suggests a need to strengthen access control and other cybersecurity areas for vendors.

The survey was designed to provide an understanding of current and planned practices that financial firms are undertaking to enable and strengthen firm- and sector-level cyber resilience: 27 globally active firms participated in the survey, and more than 50 companies participated in group discussions in meetings with chief risk officers in the Americas, Asia, Europe, and the Middle East.

Access the full report

Related Posts

Previous Post
J.P. Morgan’s eFX trading and pricing engine goes live in Singapore
Next Post
BIS: A New Indicator of Bank Funding Cost

Fill out this field
Fill out this field
Please enter a valid email address.

X

Reset password

Create an account