As I had the honor of moderating a recent cybersecurity conference in the financial sector, I’d like to share with you some of my insights and reflections from the event.
As we live in a digital world, cybersecurity is more critical than ever before, and the finance sector is one of the most vulnerable and critical sectors to maintain during a crisis. The conference brought together experts from diverse fields in the finance sector, including the global bank SEB, insurance company Folksam, payments by Tink, the Swedish Cybercrime Center SC3, cybersecurity firm Truesec, consultants from Sentor, Nixu, and the Swedish Finansinspektionen FI. One of the most encouraging aspects of the conference was the willingness of the participants to share their insights and collaborate on best practices. The conference highlighted the importance of working together to protect our digital systems and create a safer world.
“Cybersecurity shouldn’t be a part where companies compete.”
The Rising Cost of Cybercrime 💻💵
During the conference, we discussed the rising cost of cybercrime, which has become a $1.5 trillion threat to the global economy. As we rely more heavily on technology in our daily lives, the threat of cyber attacks is a growing concern. This alarming statistic highlights the need for increased awareness and action to prevent and mitigate cyber threats.
We also talked about the NIS2 Directive, which is the latest effort by the European Union to improve the resilience of its critical infrastructure against cyber threats. The directive sets out a common framework for managing cyber risks, with a particular focus on strengthening the cybersecurity of operators of essential services (OES) and digital service providers (DSPs). The NIS2 Directive requires OES and DSPs to implement robust cybersecurity measures, such as risk management, incident response planning, and reporting of cyber incidents.
Moreover, we discussed the Digital Operational Resilience Act (DORA), which is the latest legislative effort by the European Union to improve the resilience of its financial sector against cyber threats. The directive sets out a comprehensive framework for managing digital operational risks, with a particular focus on strengthening the cybersecurity of financial institutions. The DORA directive requires financial institutions to implement a range of measures to improve their digital resilience, such as risk management, incident response planning, and reporting of cyber incidents.
Overall, the conference highlighted the massive impact that cybercrime can have on both individual countries and the global economy as a whole. Cooperation is key, and the NIS2 Directive and DORA are essential steps towards better crisis management and cybersecurity. The conference emphasized the importance of collaboration, enhancing situational awareness, information-sharing, and best practices across sectors and Member States to improve the overall cybersecurity posture of the region. By establishing a common framework and encouraging collaboration, the directive is helping to ensure the safety and security of citizens and businesses in the region.
Some reflections from a crisis management point of view:
- Collaboration is critical in crisis management: The conference highlighted the importance of collaboration and information-sharing among experts from different fields in the finance sector to protect critical infrastructure against cyber threats. This is a valuable lesson for crisis managers, who should prioritize collaboration with other stakeholders during a crisis to effectively manage it.
- Cybersecurity is a growing concern: As we rely more heavily on technology in our daily lives, the threat of cyber attacks is becoming a more significant concern. This underscores the need for increased awareness and action to prevent and mitigate cyber threats. Crisis managers should, therefore, stay updated on the latest trends in cyber threats and proactively plan to prevent them.
- Regulations can be effective in managing crises: The NIS2 Directive and DORA are examples of regulatory efforts by the European Union to improve the resilience of critical infrastructure and the financial sector against cyber threats. Crisis managers can learn from these examples that regulations can be effective tools in managing crises, and they should be proactive in complying with any relevant regulations.
- Crisis management requires a comprehensive approach: The DORA directive requires financial institutions to implement a range of measures to improve their digital resilience, such as risk management, incident response planning, and reporting of cyber incidents. Crisis managers can learn from this approach that effective crisis management requires a comprehensive approach that considers all aspects of the crisis, from prevention to response and recovery.
- Cybersecurity is a shared responsibility: The conference emphasized that cybersecurity is not an area where companies should compete but rather an area where cooperation is key. This highlights that cybersecurity is a shared responsibility, and all stakeholders should work together to protect critical infrastructure against cyber threats. Crisis managers should, therefore, engage with all relevant stakeholders, including government agencies, private companies, and the public, to effectively manage crises.
In conclusion, it is crucial to work together to protect our digital systems and create a safer world. With the rising cost of cybercrime, increased awareness and action are necessary to prevent and mitigate cyber threats. By implementing the NIS2 Directive and DORA, we can strengthen the cybersecurity of critical infrastructure in the EU and improve the resilience of its financial sector against cyber threats. By working together and implementing best practices, we can protect our digital systems and create a safer world.
As we have seen, cybersecurity is more important than ever before, and the consequences of a cyber attack can be devastating.