Security is very much on the blockchain community’s minds these days, and the recent announcement by the World Economic Forum (WEF) that its is launching a Fintech-focused initiative called the Fintech Cybersecurity Consortium is welcome news.
As reported in Security Week, the aim is to create a framework for the assessment of cybersecurity in Fintech firms and data aggregators. Founding members of the consortium include Citigroup, Zurich Insurance Group, Fintech lender Kabbage and DTCC. Their intention is to develop common principles for cybersecurity assessments, guidance for implementation, a point-based scoring framework, and guidance on improving an organisation’s score.
Since 2013, cyber attacks on businesses have doubled and it is estimated that over the next five years the cost of cybercrime will be somewhere around $8 trillion, according to Juniper Research. McAfee has also reported that the current cost of global cybercrime is $600 billion. The consortium hopes to reduce this by providing guidance to Fintech firms about best cybersecurity practices and at the same time decrease the complexity that currently exists in cyber regulations around the globe.
This new WEF consortium starts work immediately and will liaise with the WEF’s Global Centre for Cybersecurity in Geneva. WEF spokesperson Georg Schmitt told SecurityWeek that the consortium is “doing this to step in where regulators might not (yet),” and made it clear that recent cyber developments are considered to be a major threat to the financial sector.
Highlighting data aggregators is seen by many experts as the smart way to move forward, because they are a point of vulnerability for cybercrime. The reason for this was explained by David Shrier of Distilled Analytics: “Unknowingly, in our race to adopt new technology over the past 20 years, we have ceded a massive amount of personal information to these third parties (data aggregator and Fintech alike), and it has created gigantic cyber vulnerabilities.”
It is hoped that whatever comes out of the Consortium will raise efforts at C-suite and boardroom level to think more seriously about the issue of cybersecurity and encourage businesses to take proactive steps instead of acting after a breach as is often the case at the moment.