The Canadian Bankers Association (CBA) yesterday hosted the Cyber Security Summit in Toronto, one of the largest annual gatherings of cyber security experts in Canada. Now in its 16th year, the event welcomed almost 1,000 senior information and cyber security professionals from the country’s banking and financial services sector, government officials, academics and other key stakeholders to share their insights on the latest developments in cyber security threat management.
Cyber security and resiliency are collaborative priorities for all banks in Canada, the financial sector more broadly and, indeed, society as a whole. There is no competitive advantage in going it alone. To that end, the CBA’s Cyber Summit is both an incubator of ideas and a platform for discussion as we work together to protect Canada’s financial system and the personal information of Canadians from cyber threats. All parts of Canada’s information security ecosystem must work together to ensure our country’s cyber security framework is strong and resilient in the ever-evolving digital economy.
We kicked-off the Summit with an armchair discussion with Scott Jones, Head of the new Canadian Centre for Cyber Security (Cyber Centre). The conversation highlighted the importance of ongoing collaboration between the banking sector and government agencies in protecting Canada’s financial system from both domestic and global threats. Announced as part of the 2018 National Cyber Security Strategy, the Cyber Centre is Canada’s authority on cyber security matters and plays a central role in building a cyber resilient Canada.
Media coverage of my discussion with Scott: https://business.financialpost.com/news/fp-street/chief-of-ottawas-new-cybersecurity-agency-makes-pitch-to-hackers-favourite-targets-banks
Canadian banks were active participants in the consultation to develop the National Cyber Security Strategy and are strongly supportive of an integrated public-private sector approach to cyber security and resiliency in Canada. The banking industry is at the forefront of the prevention and detection of cyber security threats and works in collaboration with regulators, law enforcement and all levels of government to share best practices and other information to address the growing challenges posed by cyber crime.
With a centralized agency and a national strategy now in place, constant knowledge sharing and effective regulations for all companies that play a role in our digital economy, including banks, Canada is well-positioned to protect cyber systems for citizens and lead on a global scale.
Despite the growing number of attempts, Canadian banks have an excellent record of protecting their systems and customers from ever-evolving cyber threats. Banks take seriously the trust that has been placed in them by Canadians to keep their money safe and protect their personal and financial information. To that end, the banking sector has invested heavily in technology and security measures. From 2007 to 2017, for example, Canada’s six largest banks have spent more than $84 billion on technology – a good portion of that was on digital security measures – and employ a huge number of high-skilled professionals in their IT security teams. Smaller and mid-sized banks also continue to make strategic investments in their cyber systems and defences.
Technology is rapidly changing how Canadians bank. According to recent polling by the CBA, more than two-thirds (76%) of Canadians primarily do their banking online or on their mobile device, up sharply from 68% two years ago and 52% in 2015. Canadians have come to expect greater convenience when using and accessing financial services, and banks have invested heavily to provide Canadians faster and more convenient ways to do their banking on trusted and secure platforms. In our digital world, customers, too, have a role to play in protecting their online activities.
Banks in Canada are leaders in the prevention and detection of cyber security threats. The financial system is part of Canada's critical infrastructure; as such, banks work closely with each other and with regulators, law enforcement and all levels of government to share best practices and information to address the growing challenges posed by cybercrime.