Opinion: We must defend against the cyber threats facing our global financial systems - CNN

We must defend against the cyber threats facing our global financial systems
Opinion by Tim Maurer and Arthur Nelson for CNN Business Perspectives

Updated 2023 GMT (0423 HKT) March 16, 2021
This article has been edited from its original version. It was originally published in its entirety in the International Monetary Fund's Spring 2021 issue of Finance & Development magazine. Tim Maurer is the former director of the Cyber Policy Initiative and a senior fellow in the Carnegie Institute of International Peace's Technology and International Affairs Program. Arthur Nelson is a research analyst for the Carnegie Endowment for International Peace's Cyber Policy Initiative. The opinions expressed in this commentary are their own.

Today, the assessment that a major cyber attack poses a threat to financial stability is axiomatic — not a question of if, but when. Yet the world's governments and companies continue to struggle to contain the threat because it remains unclear who is responsible for protecting the system.

Increasingly concerned, key voices are sounding the alarm. In February 2020, Christine Lagarde, president of the European Central Bank and former head of the International Monetary Fund, warned that a cyber attack could trigger a serious financial crisis. In April 2020, the Financial Stability Board (FSB) warned that "a major cyber incident, if not properly contained, could seriously disrupt financial systems, including critical financial infrastructure, leading to broader financial stability implications." The potential economic costs of such events can be immense and the damage to public trust and confidence significant.
Two ongoing trends exacerbate this risk. First, the global financial system is going through an unprecedented digital transformation, which is being accelerated by the Covid-19 pandemic. Banks compete with technology companies; technology companies compete with banks. Meanwhile, the pandemic has heightened demand for online financial services and made work-from-home arrangements the norm. Central banks around the globe are considering throwing their weight behind digital currencies and modernizing payment systems.
Second, malicious actors are taking advantage of this digital transformation and pose a growing threat to the global financial system, financial stability and confidence in the integrity of the system. The pandemic has even supplied fresh targets for hackers. The financial sector is experiencing the second-largest share of Covid-19-related cyber attacks, behind only the health sector, according to the Bank for International Settlements.
Who is behind the threat?
The malicious actors behind these attacks include not only increasingly daring criminals — such as the Carbanak group, which targeted financial institutions to steal more than $1 billion during 2013-2018 — but also states and state-sponsored attackers. North Korea, for example, has stolen some $2 billion from at least 38 countries in the past five years.
This is a global problem. While cyber attacks in high-income countries tend to make headlines, less attention is paid to the growing number of attacks on softer targets in low- and lower-middle-income countries. Yet it is in those countries where the push toward greater financial inclusion has been most pronounced, leading many to leapfrog to digital financial services such as mobile payment systems. Although they do advance financial inclusion, digital financial services also offer a target-rich environment for hackers.
An international strategy
To achieve more effective protection of the global financial system against cyber threats, the Carnegie Endowment for International Peace released a report in November 2020 titled "International Strategy to Better Protect the Global Financial System against Cyber Threats."
Developed in collaboration with the World Economic Forum, the report recommends specific actions to reduce fragmentation by fostering more collaboration, both internationally and among government agencies, financial firms and tech companies. The strategy is based on four principles:
Greater clarity about roles and responsibilities is required. Only a handful of countries have built effective domestic relationships among their financial authorities, law enforcement, diplomats, other relevant government actors and industry. Existing fragmentation hampers international cooperation and weakens the international system's collective resilience, recovery and response capabilities.
International collaboration is necessary and urgent. Given the scale of the threat and the system's globally interdependent nature, individual governments, financial firms and tech companies cannot effectively protect against cyber threats if they work alone.
Reducing fragmentation will free up capacity to tackle the problem. Many initiatives are underway to better protect financial institutions, but they remain siloed. Some of these efforts duplicate each other, increasing transaction costs. Several of these initiatives are mature enough to be shared, better coordinated and further internationalized.
Protecting the international financial system can be a model for other sectors. The financial system is one of the few areas in which countries have a clear shared interest in cooperation, even when geopolitical tensions are high. Focusing on the financial sector provides a starting point and could pave the way to better protection of other sectors in the future.
Among actions for strengthening cyber resilience, the report recommends that the FSB develop a basic framework for supervising cyber risk management at financial institutions. Governments and industry should strengthen security by sharing information on threats and by creating financial computer emergency response teams (CERTs), modeled on Israel's FinCERT.
Financial authorities should also prioritize increasing the financial sector's resilience against attacks targeting data and algorithms. This should include secure, encrypted data vaulting that allows members to securely back up customer account data overnight. Regular exercises to simulate cyber attacks should be employed to identify weaknesses and develop action plans.
To reinforce international norms, the report recommends that governments make clear how they will apply international law to cyberspace and strengthen norms to protect the integrity of the financial system. Responses can include sanctions, arrests and asset seizures.
Governments can support these efforts by establishing entities to assist in assessing threats and coordinating responses. Intelligence gathering should include a focus on threats to the financial system, and governments should share such intelligence with allies and like-minded countries.
Building capacity
The comprehensive strategy outlined in the Carnegie report depends in turn on building the cybersecurity workforce, expanding the financial sector's cybersecurity capacity and safeguarding gains in financial inclusion that have resulted from the digital transformation.
Elevated unemployment due to the pandemic provides an important opportunity for training and hiring talented people to strengthen the cybersecurity workforce. Financial services firms should invest in initiatives to build the talent pipeline, including high school, apprenticeship and university programs.
Building cybersecurity capacity also means focusing on providing assistance where it is needed. The IMF and other international organizations have received many requests for cybersecurity assistance from member states. G20 governments and central banks could create an international mechanism to build cybersecurity capacity for the financial sector, with an international agency such as the IMF designated to coordinate the effort. The Organisation for Economic Co-operation and Development and international financial institutions should make cybersecurity capacity-building an element of development assistance packages and should significantly increase assistance to countries in need.
Finally, maintaining progress in financial inclusion requires strengthening cybersecurity. This is particularly urgent in Africa, with many countries on the continent experiencing a significant transformation of their financial sectors as they extend financial inclusion and move to digital financial services. A network of experts should be created to focus specifically on cybersecurity in Africa.
The time has come for the international community — including governments, central banks, supervisors, industry and other relevant stakeholders — to come together to address this urgent and important challenge. A well-thought-out strategy, such as the one above, provides a blueprint for turning words into action.