RESEARCH REPORT

In brief

In brief

  • Financial firms have built good cyber security, but with one in five breach attempts slipping under the radar they cannot afford complacency.
  • The Banking & Capital Markets report finds only four in 10 firms using new tech. Should they reconsider, given cyber criminals' tech know-how?
  • The Insurance report shows providers grappling with added complexity, such as providing cyber protection insurance and fighting tech-savvy fraud.


Cyber resilience mastery may be within reach for financial firms but achieving it might not be easy.

First, the good news: Accenture’s 2018 State of Cyber Resilience report finds Financial Services businesses stopped 81 percent of attacks in 2018, compared with 66 percent in 2017. This means only 19 percent of cyber attacks succeeded this year.

Cyber criminals are improving their attacks—but financial firms are not responding in kind.

On the other hand, cyber criminals are improving their attacks, deploying breakthrough technology to outsmart security—but financial firms are not responding in kind. In fact, from an overall budgeting standpoint, only 18 percent of financial firms responding to the Cyber Resilience report significantly increased their cyber security spend over the past three years, and only 30 percent expect to spend significantly on defense over the next three years.

Banking and Capital Markets: 2018 State of Cyber Resilience



Banking and capital markets leaders are confident about their cyber resilience. Eighty-one percent of leaders across all industries report "confidence" or "extreme confidence" in their ability to resume activity after a breach. Firms also believe they are ahead of the curve when it comes to cyber security. Our survey found them performing well in 19 out of 33 capabilities on average—such as stakeholder involvement, cyber security accountability and cooperation during crisis management.

That confidence is great—but is it premature? One in seven breach attempts against banks and capital markets firms still succeed, and 42 percent of attempts go undetected for at least a week.

Meanwhile, banking and wealth management activity is rapidly moving to the digital domain, creating the potential for new cyber security threats. Likewise, business decisions increasingly rely on data, bringing more gap potential. Can banks and capital markets firms keep pace in a fast-changing threats landscape?

One strategy is to invest in new technologies. But banks and wealth managers are lagging in their investments in robotics, Artificial intelligence (AI)/machine learning, Internet of Things and blockchain.

38%

Anticipated investment in robotic process automation for cyber security.

43%

Anticipated investment in AI and machine learning.

47%

Anticipated investment in blockchain.

50%

Anticipated investment in Internet of Things Security.

Insurance: 2018 State of Cyber Resilience



Insurers have seen cyber resilience successes similar to those reported by banking and capital markets firms. Successful breaches for insurers declined from 30 percent in 2017 to 22 percent this year. Between 2017 and 2018 the number of cyber capabilities mastered by insurers almost doubled, from 12 to 20 (there are 33 total capabilities), with cooperation during crisis management and leveraging peers to identify business threats among the insurers’ high performing skills.

22%

Successful breaches this year, a decline from 30 percent in 2017.

12TO20

Between 2017 and 2018, the number of cyber capabilities mastered by insurance almost doubled, from 12 to 20 (out of 33).

Complicating the cyber resilience picture for insurers is the need to not only manage their own defenses, but help customers manage theirs. Many insurers now offer policies to customers, insuring them and helping them protect their digital assets.

Another challenge facing the industry is the growing intersection of fraud and cyber. Not long ago, fraudsters were dependent on other actors, like doctors or auto body shops. But with identity theft capabilities, criminals can pass themselves off as claims processers or agents. Insurance fraud now can be committed faster, at lower risk to cyber criminals.

Is your cyber strategy resilient enough?

Banks, capital markets and insurers have seen strong success—but cyber criminals are getting smarter all the time. If they aren’t building solid strategies backed with robust breakthrough technologies, financial businesses may be leaving a breach-able gap.

Contact us to learn how your firm can master cyber resilience sooner, rather than later.

Chris Thompson

Senior Managing Director


Nadine Moore

Managing Director

MORE ON THIS TOPIC


Subscription Center
Stay in the Know with Our Newsletter Stay in the Know with Our Newsletter