There are “acute concerns” about cyber security risk management in what Booz Allen describes as today’s “new normal” of persistent threats in its list of Top Financial Services Cyber Security Trends for 2014.

Five years ago, boards of directors and senior executives at
financial services firms will probably have cited liquidity, regulatory compliance or “bad
debt” among their toughest risk management issues.

But there are now “acute concerns” about cyber security
risk management in what Booz Allen describes as today’s “new normal” of
persistent threats in its list of Top
Financial Services Cyber Security Trends for 2014.

Only yesterday, for example, did Singapore’s
financial regulator raise the alarm about cyber security breaches at
financial organizations after it emerged that 647 client account statements at the private bank of UK-listed
Standard Chartered had been stolen. Meanwhile, JP Morgan yesterday warned some 465,000 holders of pre-paid cash cards issued by the bank that their personal information may have been accessed by hackers, Reuters reported.

While the issues of data protection and security
are arguably the most important facing the wealth management industry today, that is, of course, not to say that the other above-mentioned challenges are not still very much significant areas of focus. 

The new trend, though, is that executives have seen how “distributed denial-of-service”
attacks - in which a multitude of systems attack a single target
- can destroy data and reputations, Booz Allen said. “They learned that cyber threats attack a bank wherever it
does business, not just where it is headquartered. And they witnessed the
critical benefits of public-private information sharing.”   

The findings are in line with those stemming from the 2013
FOX Family Office Benchmarking: Technology in the Family Office study,
which found that security worries, which apply both to data itself and how it
is communicated, are now mentioned just as often as the issue of technology integration. Meanwhile, according to industry executives, rising risk, complexity and internet exposure are prompting wealthy
families and family offices to pay more attention to their insurance
coverage this year (see feature here).

Some of next year’s trends, according to Booz Allen:

• Threats
  that take advantage of weaknesses in mobile device platforms when
  information is sent to a hacker who then “owns” the device;

• Developing
  countries with growing liquidity will see more attacks on their local
  banks. The firm noted that while countries across the Middle East, Latin America and Asia-Pacific are modernizing their
  economic infrastructures, this puts them on the radars of more “sophisticated” attackers;
• Attackers,
  the firm also said, are moving from large-size banks to regional and
  mid-tier, due to their perceived lack of security;
• Cyber
  “hygiene” challenges of today can no longer be a responsibility solely
  owned by IT. Booz Allen said banks need to develop multi-disciplinary teams
  that include IT, human resources, internal communications, marketing and
  legal to inform staff about the importance of being cyber risk aware
  and knowing what to do when a concern arises;
• The National
  Institute of Standards and Technology effectively makes private sector
  enterprises liable in the event of cyber breaches in which personally
  identifiable information or other data is destroyed or taken over by attackers. “While this creates liability risk for banks, it also opens the window for
  the insurance industry to offer policies that help firms offset this
  liability,” the firm said; and

• As
  operational data is moved to “the cloud,” stringent security controls are crucial. This gives financial institutions the opportunity to upgrade security
  architectures and enhance controls.

“As financial institutions increasingly deploy mobile and
cloud technologies and integrate their partners, suppliers and customers, their
data perimeters are becoming much harder to define,” said Bill Stewart, senior
vice president and head of Booz Allen’s commercial finance program. “As a
result, some are essentially redefining the concept of a network perimeter.”