Role of Information Security (Including Cyber security) Risk Managers in Financial services and the Crucial Role they Play

Abstract

Financial Services sector are a very critical part of nation’s infrastructure, cyberattacks on this sector could potentially have devastating consequences on the economy. Cyber and information security landscape are continuously evolving thus putting a lot of pressure on the systems responsible for operations. System and business owners are also cornered from all directions in terms of Audits, Assessments and compliance matters, thus making it difficult to deliver on business objectives, time and resourcing constraints have also played a contributing role. Security field has varied staff members with different skills and area of expertise, Information security management is one such skillset that needs to be housed in every financial firm and other sectors. Information Security Managers have the expertise to bridge the gap between not only Systems owners and Security experts, Compliance staff but also with Business. They can work in advisory capacity, guiding security risks through the Risk management Lifecyle towards mitigation, reporting becomes comparatively easier with them in the fold. They can also quarterback or in other words run point on Compliance related initiatives. This article helps understand the Information (cyber) security landscape in the financial services sector and the role information security managers can play to help relieve the burden on system owners and security SMEs (Subject Matter experts) to help balance the scales in business’s favor.