Trustee and Fiduciary Services Global Asset Management Industry Insights

Global Asset Management Industry Insights 17 Cyber Cyber crime is, possibly, the greatest threat to financial services firms, where bad actors — people who commit cyber crimes — don’t merely want to steal money: they also want to disrupt markets, disclose confidential information or just have a look inside a firm’s systems, each leaving varying degrees of destruction in their wake. To know how firms manage their cyber security risks, we posed a series of options. While no single option stands out, ensuring executives are aware of the risks of cyber crime through education takes the top spot with 65% of respondents. This is closely followed by the use of scenario analysis and simulation exercises, including the risks posed by outsource providers, and a firms’ ability to detect, respond and recover from cyber attacks. Coupled with responses indicating that firms implement controls to protect privileged user accounts, we feel that firms, on the whole, have plans in place to counter such threats. An area that may require addressing, however, is board representation and the presentation of high-quality management information. Regulators have suggested that cyber risks are a board priority. Yet it’s unexpected to see that only 35% of respondents indicate this as an approach. 65% 61% 61% 39% 6% What is your firm’s approach to managing cyber security risks (select as many options as appropriate)? Q10 Detect, respond and recover Other Educating executives Scenario analysis/ simulation exercises, incl. risks posed by outsourced providers Implement controls to protect privileged user accounts 51% Presenting high-quality management information in useful formats 35% Board-level appointment specifically responsible for overseeing cyber risks