The International Monetary Fund (IMF) has warned about the financial sector's vulnerability to cyber-attacks in its recent 'Chapter 3' publication. The IMF states that cybersecurity risks highly expose this sector, with one in five incidents affecting financial institutions. Although these incidents have not been systemic in nature, the IMF warns that serious attacks targeting major financial institutions could pose a significant threat to macro-financial stability. This is due to the loss of confidence, disruption of critical services, and technological and financial interconnectedness.
While direct losses from cyber-attacks may seem relatively small, at around $500,000 (€460,166), the risk of incurring extreme losses has increased. It has been observed that the number of cyber-attacks has doubled since pre-pandemic times. Therefore, the IMF stresses the importance of national cybersecurity legislation and better corporate governance to reduce the frequency of these cyber threats. In addition, it is recommended that financial companies strengthen their reporting of cyber incidents to supervisory agencies for more effective monitoring of cyber risks.
In summary, the financial sector should enhance its cyber resilience by developing a national cybersecurity strategy, implementing appropriate regulatory and supervisory frameworks, and cultivating a skilled workforce. Additionally, it is recommended that board members be held accountable for the cybersecurity management of their financial firms to promote a suitable risk culture and provide cyber training. Financial institutions need to create and test response and recovery procedures to maintain operations during cyber attacks. National authorities should establish effective response protocols to handle potential major cyber crises.