Technology Record - Issue 33: Summer 2024

FEATURE Risky Business Regulators have increased their scrutiny of the cybersecurity risks faced by financial services organisations. Tom Deprins tells us about the evolving risk landscape and how Microsoft is helping firms to comply with regulation and defend themselves against increasingly sophisticated threats BY ALICE CHAMBERS 90 Chief risk officers at financial services firms – who traditionally focused on credit, market and operational risk – are now most concerned about non-financial risks. EY surveyed senior risk executives from 86 banks across 37 countries for the 13th annual EY/IIF global bank risk management survey and found that cybersecurity is, by a large margin, the risk they will pay most attention to in the immediate term. It was cited as a top-five risk by 73 per cent of respondents, compared to 36 per cent for the two next-highest ranked risks: implementation of regulatory rules and operational resilience. EY describes cybersecurity risk as “a portfolio of multiple risks, including different forms of ransomware attacks, expanding activity by state-sponsored bad actors and the risks associated with ecosystems, generative artificial intelligence and other thirdparty relationships”. This complexity in cyber risk management has also seen regulators increasing their scrutiny of cybersecurity. Photo: iStock/pixdeluxe