"Cybercrime Is the Greatest Danger Facing All Companies Worldwide"

Following the establishment of the modern banking system from 1850, the strengths of the Swiss financial center became ever more apparent, namely stability and security. In the 21st century and in the context of the digitization of many of our business processes, these strengths are more important than ever before, as cybercrime is now regarded as one of the most significant operational risks facing our industry.

To help you understand the risk, SIX provides an overview of the current threat level and the most urgent defensive measures in its current Cyber Security Report 2019. Ginni Rometty, CEO and President of IBM, was aware of the importance of cyber security as long ago as 2015 when she summed up the situation in the following words: “Cybercrime is the greatest danger facing companies worldwide”. To counter this danger, SIX harnesses the strengths of the financial center Switzerland with its cyber security hub.

Benefits of the Cyber Security Hub

The fixed costs of preventing cybercrime are substantial; there is a severe shortage of specialist staff and generally there is too little information-sharing within the industry. With the cyber security hub, SIX offers a community and invests continuously in security to minimize cyber risks for relevant, system-critical infrastructures. This ensures banks and insurance companies can provide the levels of security that they have promised their clients. We hope that this Cyber Security Report produced by SIX will encourage more information-sharing within the industry.

SIX Cyber Security Report 2019: Overview of the Key Findings

The report clearly demonstrates that the Swiss financial center is an attractive target for cybercrime in principle; the greatest threats are posed by cybercriminals, whose aim is to make money, and government-backed entities, whose aim is to acquire competitive advantages. To do so, they often use malware in the form of banking Trojans, cryptominers and mobile malware, which had the biggest impact on the industry. The theft of data through point-of-sale malware affecting e-commerce organizations and online payment systems caused substantial financial losses.

In future, the currently visible growth in areas such as the Internet of Things, mobile technology and cloud computing will result in larger potential targets and more potential weak points among financial services providers. A strong trend towards more cyber-attacks is apparent from the fact that the number of such attacks doubled last year. We attribute this to the ever more serious threat posed by mobile malware, which can also be acquired ever more easily and cheaply in relevant underground forums.

Insights into the Type of Attacks

In the following graphics, SIX provides an overview of the type of attacks and their distribution in qualitative terms. We have introduced three different categories to ensure that the companies that have been attacked are comparable.

• Tier 1 organizations: large retail banks in Switzerland
• Tier 2 organizations: small to medium-sized retail banks, corporate clients, asset managers and financial infrastructure providers
• Tier 3 organizations: insurance companies, investment banking, securities and trading