-
Cybersecurity Trends

Cybersecurity and the treasurer

Collaboration is key

Scott Thorpe explores the top five growing cybersecurity trends impacting organisations, why treasurers need to be mindful of these risks and consequences and what they can do to stay ahead of the criminals.

Scott Thorpe

Director, Cyber Operations at Barclays

Cybersecurity and the treasurer

Exploring the top five cybersecurity trends

1

Cryptocurrency theft is a growing risk

With an increasing number of organisations and their clients using cryptocurrency, one of the biggest, and fastest-growing, cybersecurity threats is cryptocurrency theft. Cryptocurrency heists can take just a few seconds to execute and the impacts and consequences can be significant. One recent attack resulted in a loss estimated at around $200 million from the theft of digital assets and removal of traceability.

As we continue to progress further into a digital currency economy, organisations and their treasurers need to be aware of the emerging risks this highly profitable cyber-crime threat poses to an organisation’s cashflow, liquidity and counterparty risks. It is becoming increasingly important for treasurers to ensure risk management systems assess such threats to their organisation, as well as any potential exposure associated with clients and counterparties.

2

Prepare for ransomware and extortion threats

Geopolitical cybersecurity threats are increasing. Attacks can take the form of hacktivism – hacking for politically or socially motivated purposes – denial-of-service (DoS), as well as the use of ransomware and extortion. This is where malicious software is used to hijack systems through encryption in order to steal data, with threats to release it to the public or sell it on the dark web. Such scenarios create significant reputational risks for organisations, as well as potential operational and liquidity risks.

Continuing to work with IT teams, payment providers and technology vendors to understand the impact and implications of potential major outages will become more important than ever. This could include having robust policies around payment of ransoms and understanding how that may affect other types of risks, including: dealing with sanctioned countries; having enough liquidity to make payments; as well as decision-making processes to assess and resolve issues swiftly and effectively.

3

View from the very top

Does your board understand how quickly cybersecurity evolves, and why preparation and investment in systems to counter cyber threats is crucial? Organisations are facing innovative, sophisticated and highly motivated cyber criminals.

It’s important to understand where cybersecurity investments protect certain points of the organisation across the whole ‘attack chain’. Mapping your investment around these threats and understanding how shifts in ways of working (such as working from home) can impact your cybersecurity investment cycles can be crucial. The National Cyber Security Centre offers support and guidance on writing business continuity and disaster-recovery plans. So, in short, it is important to keep the board updated regularly with regular recommendations for risk mitigation.

4

Staying ahead of the criminals

The cyber risk landscape is constantly shifting and cyber criminals are always trying to stay one step ahead. Cyber threats need to be continually monitored in order to ensure effective remediation measures are in place. These measures can then be adapted and updated as required. An example of this might be analysing thematic threats against the organisation then overlaying these against vulnerabilities in a system or device.

It would be prudent to work on a prioritised list of risks from the treasury perspective – for example focusing on safeguarding cashflows first and so on. This will enable organisations to concentrate on and prioritise cybersecurity investment. The goal is to be able to move quickly when a cyber threat occurs, ensuring all technology can be patched within hours or days if it suddenly becomes vulnerable.

5

Validate defences and collaborate to protect

Once potential threats have been evaluated and prioritised, the organisation can invest in remediation measures and technology to counter cybersecurity threats. It is important that these systems are validated on a regular basis to test the organisation’s defensive posture – it’s vital not to wait until an attack to test the strategy.

Treasurers can collaborate with cybersecurity teams to review where new vulnerabilities or cyber threats may impact on the organisation’s cash management, so they can recognise potential issues and respond effectively.

In summary, cybersecurity is a team game. Collaboration and knowledge-sharing with sector non-profit partners, your bank and official UK organisations will enhance cybersecurity awareness, providing intelligence on threats and information on best-practice approaches.

Your next step

Optimise your business

Optimise your business

Read the latest research, expert analysis and reports from Barclays Corporate Banking.

Solutions

Corporate Banking Solutions

We provide a complete spectrum of solutions to enable your business to transact and trade easily, manage risks efficiently and finance its plans for growth.

Contact us

Get in touch

To discuss your business requirements and how Barclays can support you, contact us today.