Deloitte’s report is based on a survey of 94 financial institutions around the world that operate in a range of financial sectors and with aggregate assets of $29.1 trillion.
Deloitte’s Edward Hida — financial risk community of practice global leader and a partner in Deloitte Risk and Financial Advisory — posted his executive summary the latest Global Risk Management Survey which is the organization’s eleventh. The report is a detailed one and Deloitte draws quite a few conclusions around the continued focus on cyber security, engagement of boards of directors, increase attention to non-financial risks, the potential of digital risk management, enterprise risk management, the proliferation of Chief Risk Officers, an increased reliance on stress testing and more.
A couple figures jumped out at me which show at least two challenges to financial institutions.
Hear this Deloitte professional at ICRMC in Toronto April 15-16!
Respondents are finding “extremely challenging” the need to keep up with changing business operational needs, such as deployment of social mobile applications, data analytics and cloud-based risks. Also in the “extremely challenging” category, not surprisingly, are threats from “sophisticated actors,” like foreign governments and crackerjack hacktivists.
Other issues categorized as “extremely high priority “revolve around getting quality risk data quickly. Given the average length of time other studies show that a hacker can poke around in your network before you realize it — and how much damage they can do when they have all that time — it’s easy to see why this is a major concern for financial institutions.
You can read the rest of his executive summary here. You can also download the full report as well as all of Deloitte’s past editions.
Two of Edward Hida’s Deloitte colleagues — Beth Dewitt and Adel Melek — are speaking at the International Cyber Risk Management Conference April 15-16, 2019, in Toronto. They are addressing the global regulatory landscape.
Here is the session description:
“Large-scale data breaches are increasingly in the public eye; consumer trust in brands is faltering, creating a surge in data and privacy protection discussions from the Boardroom to the front lines. While the European Union’s General Data Protection Regulation (GDPR) has occupied much of the spotlight since coming into effect in May, globally there has been a barrage of privacy laws like the California Consumer Privacy Act that was passed in June and the breach-reporting amendments to PIPEDA came into force on November 1st. What do these and the plethora of other privacy regulations mean for your organization when it comes to protecting an individual’s personal data?”