Search
00
GBAF Logo
trophy
Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

Subscribe to our newsletter

Get the latest news and updates from our team.

Global Banking & Finance Review®

Global Banking & Finance Review® - Subscribe to our newsletter

Company

    GBAF Logo
    • About Us
    • Advertising and Sponsorship
    • Profile & Readership
    • Contact Us
    • Latest News
    • Privacy & Cookies Policies
    • Terms of Use
    • Advertising Terms
    • Issue 81
    • Issue 80
    • Issue 79
    • Issue 78
    • Issue 77
    • Issue 76
    • Issue 75
    • Issue 74
    • Issue 73
    • Issue 72
    • Issue 71
    • Issue 70
    • View All
    • About the Awards
    • Awards Timetable
    • Awards Winners
    • Submit Nominations
    • Testimonials
    • Media Room
    • FAQ
    • Asset Management Awards
    • Brand of the Year Awards
    • Business Awards
    • Cash Management Banking Awards
    • Banking Technology Awards
    • CEO Awards
    • Customer Service Awards
    • CSR Awards
    • Deal of the Year Awards
    • Corporate Governance Awards
    • Corporate Banking Awards
    • Digital Transformation Awards
    • Fintech Awards
    • Education & Training Awards
    • ESG & Sustainability Awards
    • ESG Awards
    • Forex Banking Awards
    • Innovation Awards
    • Insurance & Takaful Awards
    • Investment Banking Awards
    • Investor Relations Awards
    • Leadership Awards
    • Islamic Banking Awards
    • Real Estate Awards
    • Project Finance Awards
    • Process & Product Awards
    • Telecommunication Awards
    • HR & Recruitment Awards
    • Trade Finance Awards
    • The Next 100 Global Awards
    • Wealth Management Awards
    • Travel Awards
    • Years of Excellence Awards
    • Publishing Principles
    • Ownership & Funding
    • Corrections Policy
    • Editorial Code of Ethics
    • Diversity & Inclusion Policy
    • Fact Checking Policy
    Original content: Global Banking and Finance Review - https://www.globalbankingandfinance.com

    A global financial intelligence and recognition platform delivering authoritative insights, data-driven analysis, and institutional benchmarking across Banking, Capital Markets, Investment, Technology, and Financial Infrastructure.

    Copyright © 2010-2026 - All Rights Reserved. | Sitemap | Tags

    Editorial & Advertiser disclosure

    Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

    1. Home
    2. >Technology
    3. >A Culture of Cyber Security Throughout Financial Services Organisations
    Technology

    A Culture of Cyber Security Throughout Financial Services Organisations

    Published by Jessica Weisman-Pitts

    Posted on July 21, 2022

    6 min read

    Last updated: February 5, 2026

    Add as preferred source on Google
    A businessman uses a laptop to highlight the importance of cyber security within financial services organizations, focusing on protecting sensitive customer data and ensuring compliance with regulations.
    Businessman working on laptop, emphasizing cyber security in financial services - Global Banking & Finance Review
    Why waste money on news and opinion when you can access them for free?

    Take advantage of our newsletter subscription and stay informed on the go!

    Subscribe

    Tags:cybersecurityfinancial servicesrisk managementinnovation

    Michael Cantor, CIO, Park Place Technologies

    Financial Services organisations have long been a top target for cyber-attacks given both the nature of their financial transactions and the sensitivity of the data being held and processed. It is not just the digital transactions themselves that entice cyber criminals to regularly try and breach existing security protocols. Financial Services’ organisations hold full Personally Identifiable Information (PII) data sets of customers, including home addresses, social security numbers, banking details, transaction history, phone numbers, email addresses, and income information.

    When breaches occur with this level of dependency information, cyber criminals can go on to easily access accounts, copy payment cards and make fraudulent purchases. Unsurprisingly, breaches are incredibly bad news and high impact in this sector as they undermine customer confidence, create large compensation cases, and regularly cause large fines for non-compliancy of data protection regulations (GDPR).

    CISOs and Risk Managers

    Creation of a complete culture of cyber security that spans right across financial establishments has therefore been a high priority for CISOs and Risk Managers in the finance arena, who find themselves at the forefront of the fight to engineer, foster and encourage a culture of pervasive cyber security awareness. These financial CISOs are the risk management professionals who live and breathe with the knowledge that any lapse by any employee can leave the entire organization exposed and vulnerable, and who understand the importance and safety that adherence to a detailed cyber security plan, unique to their organization, brings. Financial establishments and financial services have, more than any other sector, seen heightened advances in digital innovations through internet banking, mobile apps, and instant payments – and all occurring within a relatively short timescale. Such fast adoption of new technology platforms can cause a perfect storm of vulnerabilities largely through lack of familiarity, potentially increasing the finance industry’s attack vector.

    Given the scope of the threat, no one CISO or group of cyber security specialists can be completely responsible for stemming attacks or changing employee behaviours. The requirement to create a pervasive culture of accountability for cyber security in finance has never been more critical with such a surge in digital innovation. Some CISOs struggle to gain immediate internal acceptance of cyber initiatives as they invariably increase extra security processes or in more extreme scenarios, can initially decrease productivity levels as users grapple with additional layers and verifications. Instead, CISOs should embark on a graduated path of security sensitivities. There are three routes in this journey that CISOs need to develop.

    Understanding Roles

    First, if they are to successfully increase defences, CISOs need to fully understand roles and processes in the existing regime to understand why and when job functions rely on systems that could pose and increase vulnerabilities. Secondly, as with all successful change, CISOs should spend the first months of cyber change initiatives on the ground, familiarising themselves with workflows and identifying suitable departmental ‘champions’ who can act as envoys or ambassadors. They will become practical flag bearers for ongoing change who will be on-point for communications for threat handling and remediation. These departmental cyber champions will also field questions and interactions about cyber concerns, as you would with a local Health and Safety Officer. Creating any true culture change needs to facilitate two-way communications from day one and needs to embrace everyone, so selecting the right team is essential. Recognised accredited cyber training relevant to the expected outcomes of a cyber ambassador is critical here as responsibilities move outside of IT. Not only does individualised cyber training bring empowerment and extra capabilities internally, but it leads to personal recognition that reflects positively on future career opportunities.

    Once a thorough understanding and a development of a network of cyber ambassadors has occurred, CISOs need to quickly move to developing extra employee security practices and providing direction on ongoing cadences. But these new or enhanced security prevention measures invariably add to the time that it takes for employees to finish jobs. Collective attitudes towards prioritising cyber – and by extension, creating a cyber culture – can only be changed by first educating employees on the importance and rationale in changing behaviours or methods of completing a task. This education process can take many forms, starting with various impacts via a series of simple simulated attacks that provide anonymised responses back to risk professionals to highlight gaps in knowledge and provide early indicators on how easily breaches can occur and how fast new cyber processes can be adopted. Additionally, real world documented examples are often used to show how breaches have been catastrophic in similar sized organisations. Ongoing interactive education is key to building a continued culture of security. Education and learnings on the impact of the breach ramifications – from board level to new recruits – is essential, at all times building cyber security as an enabler rather than another workflow process to achieve. Successful financial companies who avoid security breaches on an ongoing basis additionally bring the importance of cyber security into annual employee reviews, keeping it top of mind and primary to employees’ performance (and renumeration). HR therefore also play a key part determining a blame-free, but responsible and empowering security culture.

    Empowering Employees

    Establishing a culture means by its very nature, that all are driving towards the same goal. That means gentle, but constant re-enforcement. And here’s where the third part of cyber empowerment needs a careful balance to avoid falling into negative scare tactics or blame. Financial CISOs, for their part, need to at all times, empower employees with the right tools and resources to intelligently identify, question and report suspected attacks. They also need to deploy easy to use, reliable preventative tools such as password managers and dependable email security software, while not neglecting their own role in the ongoing monitoring of asset discovery to see which assets and software are lurking in the infrastructure (or may have been recently added to the infrastructure). Endpoint security, especially in hybrid environments, is more important than ever in these environments.

    Once a culture exists internally, next, CISO attention must turn towards suppliers and partners who themselves can create an entry point for breach. This can be achieved by clearly setting the organisations cyber security expectations up front and asking suppliers to prove compliance and adherence towards these standards, but within a reasonable, pre-agreed timeframe.

    Creating this inherent cyber culture can only occur through ongoing education and training of employees on the ever-changing threat landscape and linking the importance and rationale to adopt best practices. To achieve an ongoing culture of acceptance, cyber security must clearly help employees get their jobs done so that being security conscious is a positive, ongoing experience for any financial services business.

    Frequently Asked Questions about A Culture of Cyber Security Throughout Financial Services Organisations

    1What is cybersecurity?

    Cybersecurity refers to the practice of protecting systems, networks, and programs from digital attacks. It involves safeguarding sensitive data from unauthorized access, theft, and damage.

    2
    What is risk management?

    Risk management is the process of identifying, assessing, and controlling threats to an organization's capital and earnings. It involves analyzing potential risks and implementing strategies to mitigate them.

    3What is data protection?

    Data protection refers to the practices and processes that safeguard personal and sensitive information from loss, theft, or unauthorized access. It is essential for maintaining privacy and compliance with regulations.

    4What is innovation in financial services?

    Innovation in financial services involves the introduction of new ideas, products, or processes that improve efficiency, customer experience, or security in the financial sector.

    5What is Personally Identifiable Information (PII)?

    Personally Identifiable Information (PII) is any data that can be used to identify an individual, such as names, social security numbers, addresses, and financial information.

    More from Technology

    Explore more articles in the Technology category

    Image for Innovation Through Partnership: The Role of External Tech Teams
    Innovation Through Partnership: The Role of External Tech Teams
    Image for Nominations Open for Technology Awards 2026
    Nominations Open for Technology Awards 2026
    Image for Nominations Open for Innovation Awards 2026
    Nominations Open for Innovation Awards 2026
    Image for Archie earns industry recognition across G2, Capterra, and SoftwareReviews
    Archie Earns Industry Recognition Across G2, Capterra, and SoftwareReviews
    Image for The Bankaool Transformation: How a Regional Mexican Bank Became a Fintech Disruptor
    The Bankaool Transformation: How a Regional Mexican Bank Became a FinTech Disruptor
    Image for Submit Your Entry Today for Digital Banking Awards 2026
    Submit Your Entry Today for Digital Banking Awards 2026
    Image for Behavioral AI in Financial Services: Moving Beyond Automation Toward Human Understanding
    Behavioral AI in Financial Services: Moving Beyond Automation Toward Human Understanding
    Image for Submit Your Entry for Brand of the Year Awards Technology Bahrain 2026
    Submit Your Entry for Brand of the Year Awards Technology Bahrain 2026
    Image for Entries Now Open for Best Islamic Open Banking Burkina Faso APIs 2026
    Entries Now Open for Best Islamic Open Banking Burkina Faso APIs 2026
    Image for Entrepreneurial Discipline in the AI Economy: Insights from Dmytro Lavryniuk
    Entrepreneurial Discipline in the AI Economy: Insights From Dmytro Lavryniuk
    Image for Entries Now Open for Best New Digital Wallet Innovation Award 2026
    Entries Now Open for Best New Digital Wallet Innovation Award 2026
    Image for Call for Entries: Best Digital Wallet 2026
    Call for Entries: Best Digital Wallet 2026
    View All Technology Posts
    Previous Technology PostFingerprints Surpasses 1.5 Billion-Sensor Milestone as Biometric Adoption in New Areas Accelerates
    Next Technology PostWhat Legal Technology Can Teach the World of Finance