Canadian Banks 2018

Cybersecurity

Building trust in a digital, data-driven world

The rise of cyber risks

Canada’s Big Six banks are transforming key aspects of their front and back offices as they continue to modernize their cores. Yet cyber risks are an ever-present element in banking, as is the case in other sectors. Frequent reports of corporate data breaches from cyber attacks continue to keep cyber risk at the top of bankers’ minds.

As banks continue to face disruption from new market entrants and emerging technologies, they need to enhance their cybersecurity models, balancing the risks and opportunities related to their digital and innovation initiatives, in order to stay competitive.


loading-player

Playback of this video is not currently available

 

52% of executives in Canada’s financial services sector believe that cybercrime is likely to be the most disruptive fraud and/or economic crime in the next 24 months.

PwC’s Global Economic Crime and Fraud Survey 2018


Applying three lenses

Banks should apply three lenses—external, internal and regulatory—when building out their cybersecurity strategies.

In looking through the external lens, they’ll understand outside factors that affect the bank’s cyber risk profile. In other words, they need to know what's happening outside of the organization that might change that profile, for example, factors such as a new cyber attack on the horizon, new technologies posing new risks, and changes in the geopolitical landscape.

The internal lens brings management’s focus inwards in assessing what changes within the bank are impacting its cyber risk profile. This self-assessment is critical in launching a new product or service, implementing a new system or emerging technology, engaging new suppliers and understanding insider risk.

Lastly, the regulatory lens is used in understanding the expectations and requirements of regulators, especially for banks operating in multiple jurisdictions around the world.

“In order to execute on innovation while maintaining trust in the digital economy, banks need to pursue two parallel strategies - cyber risk agility and resiliency. Cyber risk agility to build a flexible cyber risk framework that can anticipate and prepare for innovations that bring longer-term success. Cyber risk resiliency to withstand potential cyber risk events from these innovations and keep the business moving toward its goal.”

—Sajith Nair, Partner, Cybersecurity & Privacy.

loading-player

Playback of this video is not currently available

Cybersecurity collaboration

Canadian banks have developed strong cybersecurity strategies over the last several years. These derive, in part, from collaboration with other Canadian banks in a manner and scale not seen in some other leading national banking sectors around the world. Canada’s Big Six banks share leading practices and trends relating to cybersecurity and the types of incidents they're seeing in their respective institutions.

That spirit of cybersecurity collaboration extends into bank-fintech relationships, as seen in, for example, leading-edge innovation labs and customer on-boarding processes. Together, banks and fintechs undertake thorough cyber assessments of key aspects of their joint initiatives to make sure cyber risks are properly understood and mitigated. These types of cybersecurity collaboration will only increase in the future.

93% of banking and capital markets CEOs globally say they’re investing—to some or to a large extent—in cybersecurity strategies.

PwC’s 21st CEO Survey: Findings in the banking and capital markets industry

 

Contact us

Diane Kazarian

Managing Partner, Greater Toronto Area, PwC Canada

Tel: +1 416 365 8228

Jason Boggs

National Consulting Leader, PwC Canada

Tel: +1 416 941 8311

Sajith Nair

Partner, Cybersecurity & Privacy, PwC Canada

Tel: +1 416 815 5185

Stay Connected: