Moody's onJuly 13 released the results of a survey on cybersecurity among U.S. banks thatrevealed, among other things, that these institutions had a lack of in-houseexpertise to address cyberthreats.
As aresult, banks rely heavily on external cybersecurity providers, which serve astheir first and main line of defense against potential attacks. In addition,the rating agency found that banks utilize an average of 12 vendors for variousfunctions. And while Moody's noted that the practice is a positive one, asthese firms are at the forefront of identifying and resolving new risks,services by these third parties have their drawbacks, such as not beingcustomizable and flexible enough to address all potential situations. In thelong term, Moody's said that these third-party providers will continue to playan important role in banks' cybersecurity, but banks' internal cybersecurityteams are also expected to grow and become more developed.
Inaddition, the results of the Moody's survey also revealed that banks have onlybegun putting a high level of importance on cybersecurity in the past fewyears, as broad engagement on cybersecurity has become frequent in recenttimes. Most banks have also adopted incident response plans in the event of acyberattack, aimed at minimizing the severity of the impact of a hack.