Catching the BBC News live, while in London, is one of my favorite activities while relaxing after a long day. Last week, the news that Lloyd’s of London just published the Global Risk Index for business, and ranked “Cyber Risk” #3 up from #12 in 2012, really caught my eye. The Risk Index was calculated based on a global survey of more than 500 C-suite and board level executives – and the fact that cyber incidents are now part of board-level discussions also shows heightened awareness of the issues affecting corporate health.
SOURCE: Lloyd’s Risk Index 2013
As I think about the Cyber “punks” and their antics “ getting better”, I know that our response to these and other risk threats has required a “stepped up” multi-dimensional view, across customer segments, events and transactions, contacts channels , products, and services. A multi-dimensional cyber strategy that is able to adapt with the evolution of the customer experience, address increasingly sophisticated fraud, and offer cyber controls and supporting technology roadmap absolutely requires partners with vision and execution capabilities.
Often, I have observed that the current state of cyber strategies at financial institutions are reactive, ad hoc, fragmented, and siloed. In order to deal with the #3 Global Risk for business, financial institutions must attack this threat with agility – requiring customer-centric, proactive, integrated, systemic, and aligned capabilities at both the technology and management levels.
Our most advanced and most successful clients are using Cyber data and related approaches in conjunction with their end-to-end fraud risk controls, analytics, and monitoring capabilities, which are integrated with their fraud operations and processes. If the Cyber Punks break the front door at these financial institutions, the alarm is sounded once they try to go out the back door.
A strong cyber-attack plan is no longer “nice to have”…..but necessary. And decisions around its formation and execution clearly belong in the boardroom, not just in the IT or compliance departments as the survey shows.
Let’s see if next year on the BBC News it is reported that we took the Cyber Punks out of the Top 10.