Research Announcement: Moody’s – Global investment banks heighten readiness against cyberattacks

London, October 07, 2019 —
» Global investment banks have enhanced their readiness a gainst the threat of cyberattacks to
their multiple, complex businesses
» They have invested heavily in cyber risk monitoring and mitigation, and are benefiting from
international standards, information sharing and enhanced regulation
Global investment banks (GIBs) have strengthened their ability to protect their multiple, complex
businesses against the high risk of cyberattacks, Moody’s Investors Service said in a report
published today.
“The GIBs have high vulnerability to cyber risk, across multiple business lines – for example, their
capital market activities are an attractive target for large-scale theft or disruption, as are payment
systems, and client data in wealth management and retail banking businesses,” said Alessandro
Roccati. “The GIBs show an advanced level of cyber readiness, having improved their monitoring
and risk mitigation, largely following best-in-class practices.”
GIBs have invested heavily in enhanced cyber risk monitoring and mitigation capabilities, and are
also benefiting from enhanced regulation, adopting international standards, and sharing information
with other large financial institutions. In addition, the rising use of cyber insurance policies will
help mitigate the financial effects of successful attacks, though not the disruptive or reputational
impacts. Moody’s found similar cyber risk governance frameworks and cyber protection, detection
and response plans for US and European GIBs.
Any successful attack is likely to have financial, reputational and regulatory impacts. The effects
would depend on the attack’s nature, severity and duration. Evidence of weak governance, risk
prevention or response and recovery readiness would indicate weak risk controls and would be
credit negative.
Subscribers can access the report at: http://www.moodys.com/researchdocumentcontentpage.aspx?
docid=PBC_1186179