You may be trying to access this site from a secured browser on the server. Please enable scripts and reload this page.
Turn on more accessible mode
Turn off more accessible mode
Skip Ribbon Commands
Skip to main content
Turn off Animations
Turn on Animations
Cyber Transformations: the Conversation Continues
ESBG representatives join Euro Retail Payments Board
WSBI-ESBG responds to NSFR consultation
BPCE posts first quarter 2014 results
ICBA: House passes much-needed regulatory relief bill
WSBI present at Asia Microfinance Forum from 4-8 August 2014
ESBG gives input to Payments Services Directive update
WSBI sponsors study on mobile telephones, banking behaviour
WSBI Ugandan member lends to farm entrepreneurs
WSBI presents 'Doublings Savings Accounts' programme in Turkey
WSBI addresses MED Confederation financial reform event
WSBI supports Asia Microfinance Forum
German savings banks win court case on logo colour
EFRAG welcomes new members
Portuguese ESBG Member Montepio supports SMEs
Italian member publishes latest magazine edition
WSBI participates in financial inclusion event
Financial History Review calls for papers
Cyber Transformations: the Conversation Continues
Last November 19, the last session of Cyber Transformations took place, with a simulation exercise for the regional units of Eastern Europe and Asia. It was the fifth webinar of the series, jointly designed by WSBI-ESBG, the Global Cyber Alliance (GCA), and Thrive with EQ with the purpose of stimulating the internal debate on cybersecurity among the members of WSBI-ESBG, regardless of their size, resources or degree of digitalisation.
The origin of this project goes back to a face-to-face training in the WSBI Africa regional group meeting. The original intention of this activity was to show the large display of free resources and guidance offered by the Carnegie Endowment for International Peace (CEIP)’s FinCyber project and GCA’s Cybersecurity Toolkit for Small Businesses.
That African session, furthermore, included an addition—a simulation focused on the human side of cybersecurity. This was to be designed by Thrive with EQ, led by the founder Nadja El Fertasi, a former senior executive in NATO's Communication and Information Agency, and a subject-matter expert in emotional intelligence.
The emergence of COVID-19 frustrated that conference, but not the essence of the proposal, which, indeed, became even more relevant. The global move to remote working, the accelerated digitalisation undergone by thousands of companies, the unstoppable increase in cyber criminality, and the stress of millions of workers struggling to navigate through personal and professional challenges simultaneously were all solid grounds to go for a more ambitious approach to the Cyber Transformation series.
After months of work, Cyber Transformations was finally launched in October as a five-session series of free webinars focused on the corporate cultural transformation required to develop an effective cybersecurity strategy. The two initial ones, on strategy and operations, were open and included an impressive selection of global experts.
The session on strategy, held on October 8 and introduced by Mr Chris de Noose (Managing Director, ESBG) and Mr Terry Wilson (Global Partnership Officer, GCA), was addressed to executive roles. The objective was double. First, to reflect on some of the biggest cyber concerns for financial institutions worldwide, namely, authentication (key to secure remote working), email security (email is still the no. 1 vector of all attacks), and the close connections between e-crime and money laundering (a growing problem in a context of increasingly strict regulations). Secondly, to show that transformation is possible but requires strong and continous executive support.
Session Two, on October 20, focused on operations. It offered a transition from basic cybersecurity planning, centered on the key issues of secure email and phishing, to state-of-the-art solutions for critical concerns such as personnel awareness or advanced persistent threats (ATPs). This session also included an overview on the free guidance offered by the multilingual Capacity-building Tool Box (CEIP’s FinCyber project) and the complementary free tools and resources of GCA’s Cybersecurity Toolkit for Small Business.
The last three sessions, three crisis simulation exercises executed by Thrive with EQ and designed jointly with GCA and the regional units of WSBI-ESBG, were restricted to members of the association. They covered critical concerns for these regions in a unique approach where, by means of an evolving cybersecurity incident and a role-play game, the human and emotional sides of crisis management were tested:
Latin America: mobile banking
Africa: email and mobile banking
Eastern Europe & Asia: customer data
Interestingly enough, all five sessions—either led by subject-matter experts or by the banking employees participating at the cyber simulations—drew similar conclusions that, eventually, proved the adequateness of the focus chosen:
Cybersecurity cannot be siloed: even if it is a highly technical activity by definition, its implications and strategies should be organisation-wide and cover all the activities in the financial institution, from compliance to business generation
Cybersecurity is everybody’s business: from the top managers to the clerks in the remotest branch, all employees, managers, vendors, clients, and stakeholders should be aware of the most basic cyber hygiene practices
Cybersecurity needs leadership to be effective: the deployment of a cybersecurity strategy is a top-down effort that usually involves a full change of corporate culture—it requires authority and leadership (at top executive level) to be fully effective
Cybersecurity is a human activity: e-criminals usually resort to ‘the human factor’ to perform their attacks; this is why all cybersecurity strategies should include a focus on analysing and training emotional intelligence and other aspects of human interaction
There are lots of resources available: smaller financial institutions are not alone–lots of guidance and free resources are available to assist them in their cybersecurity journey; organisations such as GCA or CEIP can be a perfect first stop to get started.
With 174 participants from 32 countries, representing 58 organisations—mostly financial institutions—from a variety of positions and responsibilities, from CEOs to marketing experts, Cyber Transformations had a significant impact.
Following the feedback received from many participants, GCA, Thrive with EQ, and WSBI-ESBG are now working to make this impact deeper by means of new, focused sessions that will be arranged globally and locally, virtually and physically, across this new year of 2021.
Let’s keep the momentum. Let’s keep the cyber transformation going.
Alejandro Fernández-Cernuda Díaz, Director of Communications and Marketing at Global Cyber Alliance