Skip to main content Skip to Footer

LATEST THINKING


How large is your cybersecurity Threat Gap?

New threats are at your virtual gates. A big cyber spend is not enough to keep them at bay.

Overview

As financial firms digitalize to meet customer demands for simple, 24/7 access, each digital door opened exposes them to new cyberthreats from third parties, insiders and geopolitical risk.

Despite significant cybersecurity spending over the past several years, many companies are still as exposed as they were before that spend. The Threat Gap—the gap that exists between investments in technology, people and processes to mitigate cybersecurity emerging threat vulnerabilities—continues to widen.

Companies need to change their approach, cutting a wider swath with intelligence gathering—and baking cybersecurity into the business.

DOWNLOAD THINK BANKING CYBERSECURITY IS JUST A TECHNOLOGY ISSUE? THINK AGAIN. [PDF]

Key Findings

In 2016, 75 percent of banking executives expect to invest in hardened devices and encryption, 66 percent in better protection around systems, but only 20 percent in improved intelligence gathering and assessment. The first two actions will not by themselves stop breaches. An intelligence-focused approach will be required to create a comprehensive strategy. You cannot defend against what you do not know.

True cybersecurity is a combination of defense, resilience and assurance. It is not simply purchasing the latest cybersecurity product. It requires a new mindset as well as a new skill set.

Most banking and capital markets executives view cybersecurity risks as stemming from a limited set of external sources, such as criminal elements. With that view, they are missing key threats of a new breed. Executives are still somewhat behind in their thinking on this issue, as only one-third view geopolitical risk as a cybersecurity threat.

Recommendations

Closing your Threat Gap requires:

  • Taking cybersecurity out of the technology silo. Input from top-level executives beyond the CISO is crucial.

  • Making cybersecurity a reported expectation on all projects—from architecture to daily processes, it should be a prime concern. Bake it into the business.

  • Using an intelligence-based approach to protect your company’s information and employees. The new breed of threats requires no less.

LEARN MORE ABOUT ACCENTURE STRATEGY


Authors

Michael Orozco Michael Orozco
Managing Director – Accenture Strategy 
Cybersecurity Strategy & Risk Management, 
Global Lead Financial Services

email

Stéphane Geyres Stéphane Geyres
Managing Director – Accenture Strategy
Security Strategy

email