Unprecedented vulnerabilities in financial services: KPMG

KPMG specialists say disruptive technologies, particularly generative AI, and the imperative to automate, are exposing financial services executives to unprecedented vulnerabilities.

In Australia, KPMG partner Matt O'Keefe noted that heightened customer and media focus, increasing regulator expectations, and an accelerating threat landscape in volume, speed, and sophistication are all increasing pressure on firms to align cyber preparedness to the risk.

Likewise, KPMG partner Natasha Passley said that the interconnected digital world can too often result in identify theft, fraud, and data breaches, making security inevitably intertwined with fraud and scams.

"Organisations in financial services are best prepared for this with a robust strategy that embraces emerging tech, keeps apace with evolving regulation to reflect the critical nature of their operations; all while making the most of capability that provides holistic visibility of their environment..." Passley said.

So, KPMG highlighted key cybersecurity considerations, including global cyber boundaries and changing regulatory environments. It said as the financial services sector scales technological innovations, regulators are responding with new cybersecurity standards to balance growth governance.

"A central consideration for the financial services sector is how to most effectively navigate the current business landscape to ensure resilience and business continuity," KPMG said.

"Through partnerships, firms can benefit from shared knowledge and enhance their security posture in response to evolving global regulatory demands without having to reinvent the wheel."

Another consideration was to supercharge cybersecurity with automation.

"Digital agendas are proliferating at a massive rate. With the increasing shift to cloud-based systems and remote work, the volume of data that needs protection is skyrocketing," KPMG said.

"As a result, the cyber-attack surface is expanding, creating more alerts and triage events for financial services cyber security leaders to manage. So, how can security teams keep detecting threat after threat and identify what to prioritise? One of the most efficient ways to do that is through automation.

"Using AI and machine learning, the sector can centralise critical security processes for high-risk areas, enabling security teams to pursue more agile and efficient response times."

Finally, to make digital identity individual, not institutional.

"While the financial services sector actively embraces advanced cyber security and Identity Access Management measures, there is a pressing need to accelerate the adoption and preparedness level to keep pace with change," KPMG said.

"Evolving to a model where a digital identity with a high level of assurance is a reality will enable businesses to collect, store, and process less personally identifiable information, which would be a decidedly positive outcome for consumers."