日本語
In recent years, regulatory authorities have increasingly called upon financial institutions to strengthen cyber risk management for their supply chains, resulting in a need for both Japanese financial institutions and their subcontractors to update their risk management measures. A failure to sufficiently address supply chain cyber risk management could lead not only to impacts like information leaks and system outages, but also to medium- to long-term business impacts including damage to an institution’s reputation and customer loyalty.
However, many security officers of financial institutions have concerns regarding issues such as the extent to which they can require subcontractors with whom their institution has no capital relationship to implement management measures and what kind of measures they need to take to implement efficient and effective management. To help those responsible for security at Japanese financial institutions obtain hints on how to address such issues, PwC Consulting LLC conducted interviews with experts at overseas financial institutions regarding their own past successes.
This report is intended for those responsible for cybersecurity at Japanese financial institutions. It presents examples of advanced initiatives taken overseas with regard to supply chain cyber risk management and compiles recommendations for actions to be taken by Japanese financial institutions in the near future.