and the Financial Services Industry
The world’s financial systems are no longer discrete, but are instead an increasingly interconnected ecosystem. The SWIFT network connects over 10,000 banks. Financial institutions are delivering products through third parties to adapt to financial technology disruption.
As a result, the financial services industry faces critical third-party cyber risk management challenges.
Lack of Knowledge: A July 2016 EY third-party risk management maturity survey found that only 35 percent of organizations report third-party breaches to the board. This is consistent with an April 2015 New York State Department of Financial Services (NYDFS) survey that found that a third of the 40 top banks it surveyed do not require vendors to notify them if they find a cybersecurity breach.
Process Inefficiency: The EY survey also showed that 69 percent of organizations still use spreadsheets for assessments, while the NYDFS survey revealed that less than half conduct an on-site assessment of their vendors.
EY further found an overall increase in use of proprietary technology, indicating that there is a strong market need for a more collaborative and process-focused integrated solution.
Learn about how CyberGRX can help the financial services industry.
TAKING A RISK-BASED APPROACH TO FINANCIAL SERVICES TPCRM
A company’s Board of Directors maintains ultimate responsibility for third party compliance. More boards are asking, “What is the risk in your digital ecosystem?” Do you know the answer?
The Gramm–Leach–Bliley Act (GLBA), Federal Reserve Board, FFIEC, Dodd-Frank Act, FDIC, National Credit Union Association and other regulatory bodies all address third party cyber security with stringent requirements centered on consumer protection. Are you “checking the boxes” or taking a proactive approach to risk, threats and vulnerability management?
The cyber attacks on the SWIFT network illustrates the fact that most companies don’t know which of their third parties pose the greatest risks to their organizations. A single vulnerability within one of those trusted connections is all it takes for cyber criminals do real and lasting damage.
ENABLING SAFE, COMPLIANT, AND EFFICIENT FINANCIAL SERVICES COMPANIES
The CyberGRX Exchange is the market’s first cyber risk exchange designed to make it simple, easy and cost effective to get up-to-date, comprehensive one-click access to your third parties cyber risk assessments. The platform is purpose built to transform your third party cyber risk management process from a compliance-based to a risk management-based approach.
The CyberGRX Exchange provides financial services organizations:
-Visibility to understand the cyber risk posture of everyone in your digital ecosystem, including third and fourth parties.
-Real-time analytics to answer the question, “Which of our third parties pose the most risk to our organization today?” at any time.
-Ready, easy-to-use access for regulators to the deep, up-to-date assessments in the CyberGRX Exchange to efficiently ensure compliance with all financial services regulations.