Skip to main content

Stepping into the Future of Cyber - Financial Services

Deloitte’s 2023 Global Future of Cyber Survey reveals that cyber increasingly plays a foundational role in delivering business outcomes. For the financial services industry, the quality of those outcomes will depend on how well decision-makers understand today’s environment and prepare for what comes next.

These five highlights provide a glimpse into where financial services organizations are now—and where they are going.

Becoming cyber-ready

How can financial services organizations prepare for an evolving cyber landscape? The following five insights and corresponding actions, based on Deloitte’s experience and our survey findings, can provide a starting point for navigating the future of cyber.

Insights to inspire and Actions to consider

1. Regulators are diving deeper. Ongoing cyberattacks put global financial systems at constant risk, somany financial services regulators are taking a more interventionist posture—to understand potential vulnerabilities and to hold organizations accountable to address them effectively.

Constantly check your cyber edge to stay in front of regulations. To know where your organization really stands when it comes to cyber readiness, conductin-depth assessments across the enterprise—covering operational resilience, identity, privacy, cloud strategy, and other business-critical areas.


2. Governance and engagement is starting at the top.
71% of financial services organizations report that the board is involved in cyber issues on a monthly or quarterly basis. There is a growing need to educateboard members on the questions they should be asking, and which details they should be focusing on.

Bolster your board. Do more than update your board on cyber plans and activities. Supplement the board with a cyber advisor or specific cyber skills, providing resources for understanding the state of cyber, the broader context, and the connection between cyber and business outcomes.


3. The growth of cloud and digitalization creates continuous complexity.
Ongoing innovation, digital transformation, and third-party services and solutions bring endless potential for cyber risk. As digital processes and technologies become more critical to business—and more complex—operational resilience becomes an even bigger topic.

Take a risk-based approach to digital initiatives and third parties. Perform ongoing monitoringcommensurate with the risk level and complexity of a relationship or technology program. And periodically reassess existing relationships to determine whether the nature of a third-party activity becomes critical.


4. Companies are upping their cyber investments.
Among financial services organizations, 56% say they will increase their spending on cyber over the next year. That data tracks Deloitte’s overall survey results, which show that across industries 58% of organizations plan to increase their cyber investment in the next year.

Invest in new relationships. As you establish relationships that cover a broad range of needs—from talent acquisition to cyber services providers—have a framework for ensuring security, resilience, and trust from end-to-end, at every touchpoint and interaction, both internally and externally.


5. Talent may be the wild card in the future of cyber.
Companies are pondering multiple possible futures and how they might address talent needs. From a tight cyber talent pool to a potential recessionary environment with hiring freezes, many organizations are concerned they may not be able to find the help they need.

Tap the power of artificial intelligence. The latest AI tools can discern patterns in massive amounts of data, undertake certain cyber activities traditionally performed by humans, and help you better manageyour digital assets. Some potential payoffs: improved efficiency, lower costs, reduced risk, and improved compliance.

To get a broader view of the cyber landscape, explore additional insights from the Deloitte 2023 Global Future of Cyber Survey, which asked 1,110 leaders across industries and across the globe to share their views on cyber threats, enterprise activities, and the future.

Recommendations