The rapid digitalization of the global economy, combined with heightened geopolitical tensions, has significantly increased the frequency and severity of cyberattacks, posing a serious threat to global financial stability. The financial sector is particularly vulnerable, as sophisticated attacks targeting sensitive data and critical infrastructure can erode market confidence, cause deposit outflows, and trigger systemic shocks.
Key Points
- Rising Threat Landscape: Cyberattacks against financial institutions have more than doubled since the pandemic, with the magnitude of extreme losses from such incidents quadrupling to $2.5 billion since 2017.
- Systemic Risk: Financial firms, particularly banks, are primary targets. Successful attacks can lead to bank runs, market volatility, and the disruption of critical national payment systems, as evidenced by recent events in Lesotho and the United States.
- Third-Party Vulnerabilities: Increased reliance on third-party IT providers and emerging AI technologies expands the attack surface, creating the risk of widespread, simultaneous outages across multiple institutions.
- Policy Gaps: Many countries, especially in developing markets, lack sufficient national cybersecurity strategies or dedicated regulations to address these systemic threats.
- Recommended Actions: The IMF advocates for:
  - Enhanced board-level cybersecurity expertise and better organizational “cyber hygiene.”
  - Regular systemic risk assessments regarding institutional interconnectedness.
  - Improved data collection, incident reporting, and information sharing among financial participants.
  - Strengthened international cooperation to combat cross-border cyber threats.
- Resilience Focus: Since total prevention is unlikely, the sector must prioritize robust response and recovery procedures to ensure the continuity of critical business services during and after an attack.
To mitigate these risks, the IMF emphasizes that firms and regulators must move beyond individual defense mechanisms to establish comprehensive national and international cybersecurity frameworks that prioritize systemic resilience, improved governance, and standardized incident reporting.
To strengthen resilience in the financial sector, authorities should develop an adequate national cybersecurity strategy, accompanied by effective regulation and supervisory capacity, which should encompass:
- Periodically assessing the cybersecurity landscape and identifying potential systemic risks from interconnectedness and concentrations, including from third-party service providers.
- Encouraging cyber “maturity” among financial sector firms, including board-level access to cybersecurity expertise, as supported by the chapter’s analysis, which suggests that better cyber-related governance may reduce cyber risk.
- Improving cyber hygiene of firms—that is, their online security and system health (such as antimalware and multifactor authentication)—and training and awareness.
- Prioritizing data reporting and collection of cyber incidents, and sharing information among financial sector participants to enhance their collective preparedness.
While cyber incidents will occur, the financial sector needs the capacity to deliver critical business services during these disruptions. To this end, financial firms should develop and test response and recovery procedures, and national authorities should have effective response protocols and crisis management frameworks in place.

