In this age of globalized finance, the explosion of cyber risks has emerged as a top priority for financial stability around the world. In this new normal, digital transformation has accelerated to the pace of a sprint as banks and fintechs are rushing to upgrade payment systems and adopt new developments, such as digital currencies within the post pandemic era. This abrupt transition has simultaneously increased ease and efficiency while also expanding the attack surface for cybercriminals.
One of the important examples that proves the severity of this threat is — in 2017, Equifax suffered a massive data leak threatening around 150 million people and then tried to hit itself with $1 billion in penalties. Even more worryingly, extreme losses from cyber events in the financial sector have more than tripled since 2017 alone, reaching as high as USD 2.5 billion2. Aside from these direct financial hits, such breaches also come with significant reputational damage and higher expenses for cybersecurity improvements.
The financial sector is particularly at high risk because fiscal operations often deal with very sensitive data and transactions. So, cyberattacks that either impact payment systems or disrupt financial data integrity would have wider economic consequences2. For example, in 2023, a large ransomware attack against a single cloud service provider compromised 60 U.S. credit unions at the same time, demonstrating how attacks can cascade through the system. Such disruptions could lead to loss of trust, run on banks or even market sell-offsi in extreme circumstances2.
Strong national and international coordination is required to address these vulnerabilities. As of today only around half of the countries surveyed by International Monetary Fund (IMF)2 had a fully fledge finance oriented cyber-security framework. The disparity, much broader among developing nations called to tighten regulatory structures as well as build cyber resilience through recovery measures and crisis management systems.
In the end, due to rising levels of cyber threat, global financial stability will depend on coordinated action from financial institutions, regulators and governments. Regarding this, we need initiatives that promote sharing of information and collective defence measures, since many attacks transcend states by taking advantage of the inconsistencies in jurisdictions2. As complement to existing industry practices and standards, public intervention fortified upon sound cybersecurity policies can help protect the financial ecosystem against shocks.
As the world of technology continues its relentless rapid pace of change, cyber resilience is no longer as a matter for defensive posture, but actually an imperative to maintain trust in our financial systems.