The financial sector and the banking industry in particular are unique in the IT world: no other businesses have the same combination of constant drive for innovation, regulatory pressure and customer-facing IT applications. That also means increased exposure to cyber security risks via the interfaces to the public, whether these risks are linked to criminal intent, breach of confidentiality or other. Software testing engineers work to expose any technical security problems before systems are put into production mode, but they can’t handle all aspects of cyber security. A holistic view by a business continuity manager can add value to the overall process of making financial systems secure in the cyberspace.
More than technical teams, more even than bank security officers, business continuity managers need to see the whole picture of how the systems of a financial institution should be functioning. Technical teams are unlikely to address the threats of social engineering, where hackers gain access to IT systems by fooling people rather than cracking codes. Security officers focus on what can go criminally wrong, but not what can simply break down. Business continuity managers on the other hand need to cover all significant threats to the continued cyber operations of the financial organisation, whether technical or non-technical, criminal or accidental.
As more and more activities in and between banks, loan and credit organisations and insurance companies move to the web, cyber security risks will continue to multiply in all senses. The good news for business continuity is that there will also be a flow of new and evolving cyber security solutions for financial organisations. Business continuity managers will also have additional opportunities to leverage solutions so that they simultaneously reduce vulnerability across different areas, rather than the added and perhaps unnecessary complexity of several piecemeal approaches.