While DTCC is primarily concerned about risks that can affect the stability and integrity of the financial system it supports, it recognizes that the scope of cyber risks extends well beyond the financial world. By their nature, cyber threats cannot be addressed in isolation – they are multi-faceted risks that affect interconnected institutions large and small across industry sectors and national borders.
To effectively deal with this growing threat, it is critical, as the saying goes, to “know thy enemy.” To this end, the introductory section of this paper provides a short overview of the evolution of cyber threats and the corresponding tools developed to address them.
Throughout this evolution, it has become clear that a robust cybersecurity regime depends on several pillars, which are described in the main sections of this paper:
- Part One covers institutional cyber resilience by focusing on the immediate need for institutions to develop, execute and enhance programs aimed at protecting their core business functions. This section identifies the components of high-maturity cybersecurity programs, which form the foundation for developing a more comprehensive set of partnerships and community-based actions.
- Part Two highlights the importance of public-private partnerships to protect against cyber threats. This section describes DTCC’s role in various councils and other partnerships across the industry and also outlines DTCC’s collaboration with government agencies such as the US Departments of Treasury and Homeland Security. This section also introduces Soltra, a new DTCC joint venture aimed at mitigating cyber risks across the financial industry.
- Part Three provides a global overview of public policy initiatives designed to safeguard critical infrastructure, protect national security and ensure data privacy. This section compares approaches taken by various jurisdictions across the globe and describes ongoing policy debates.
- Part Four offers recommendations for addressing future cyber threats. Drawing on best practices and lessons learned by cyber defenders, this section builds on recent trends to provide a series of forward-looking policy and industry recommendations aimed at enhancing systemic cyber resilience in the face of everevolving threats.
Download the CYBER RISK White Paper