A group of leading financial and tech companies have joined forces to strengthen cybersecurity for fintechs and data aggregators. Together Citigroup, Zurich Insurance Group, Kabbage, Hewlett Packard Enterprise (HPE) and The Depository Trust & Clearing Corporation (DTCC) aim to establish a framework for the often challenging task of assessing the cybersecurity in fintechs.

Threat identification and solution

After the identification of a growing threat formed by cyber-attacks to financial service providers, the consortium was formed to take a proactive approach in the matter. The threat was identified and acknowledged by some of the world’s best cybersecurity experts, when they came together due to an initiative by the World Economic Forum (WEF). Together, the cybersecurity experts not only identified the threat, but also proposed a solution in the form of a whitepaper, titled “Innovation-Driven Cyber-Risk to Customer Data in Financial Services”.

The risks of cyber-attacks

Incumbent parties are increasingly involving third parties, in the form of technology companies, with their IT-infrastructure. Some do this proactively, others as a reaction to, for instance, the EU’s PSD2. Additionally, the experts estimated that the cost of cybercrime could eventually build up to a whopping amount of USD 500 billion per year. All in all, the formed collaboration is a responsible and logical move in the unstoppable shift towards a more digital world.

The approach

The consortium will take immediate action, by developing common principles for cybersecurity assessments, guidance for implementation, a point-based scoring framework, and guidance on improving an organisation’s score. The companies will use a similar project from 2017, by the US Chamber of Commerce on Critical Infrastructure Protection, Information Sharing and Cybersecurity, as a helpful resource in doing so.

By Michael Brooijmans, Research Analyst