World Economic Forum creates fintech focus group for cyber security

The World Economic Forum (WEF) has created a consortium of financial services and technology companies to help protect the growing financial technology (fintech) industry and its customers from cyber security threats.

The consortium, which includes IT giant Hewlett Packard Enterprise (HPE), will share information and encourage fintechs to adopt standards.

The group comprises Citigroup, Zurich Insurance Group, fintech lender Kabbage, US clearing and settlement service provider the Depository Trust & Clearing Corporation (DTCC), and HPE.

“Cyber risk is the number one threat to the financial services industry and its infrastructure, so it is critically important that we work together to share insights and drive best practice,” said Michael Bodson, CEO at DTCC. “This initiative will further strengthen cyber resilience and foster greater collaboration with our colleagues across the public and private sectors globally.”

The focus group idea was hatched at the WEF in Davos in January, when participants identified the growing threat of cyber attacks to financial services providers as a key concern for the global financial system.

In its white paper Innovation-driven cyber risk to customer data in financial services, the WEF identified 19 steps fintechs should take to protect data. “Of the 19 solutions identified to address innovation-driven cyber risk to customer data, two have been prioritised for further action by the project team,” said the WEF. “The 17 other solutions are strongly recommended for consideration by actors across the financial services system.”

As a priority, fintechs should adopt cyber risk measurement and cyber security assessment, the white paper said. “Advanced approaches and standardised measures for cyber risk quantification are needed to improve the understanding and comparability of cyber metrics and help organisations maximise the return on their investments,” it said.

“Enhanced cyber security guidance and assessment mechanisms, including common principles for cyber security assessments, a point-based scoring mechanism and practical steps for improvement, will allow companies to evaluate and improve their cyber security readiness.”

Mario Greco, CEO at Zurich Insurance, said the consortium would help financial services companies adopt best cyber security practices and reduce the complexity of diverging cyber regulation around the world.

Greco said cyber breaches recorded by businesses have almost doubled since 2013 and the estimated cost of cyber crime is $8tn over the next five years.

Matthew Blake, head of the WEF’s financial and monetary system initiative, said fintechs can deliver on their customer experience promises only if the financial system can manage risks adequately. “This consortium will offer technology companies a clear goalpost and thus enable them to implement sound cyber security measures at the product design stage,” he said.

It is not just fintechs that the WEF is supporting. In January, the organisation urged governments to put aside their political differences to collaborate on cyber security defence amid evidence that cyber attacks have caused the global economy more damage than hurricanes, floods and other natural disasters.